In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), an HTTP DoS attack is possible on anonymous endpoints without rate limiting.
Metrics
Affected Vendors & Products
References
History
Tue, 15 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Progress telerik Reporting
|
|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:a:progress:telerik_reporting:*:*:*:*:*:*:*:* | |
Vendors & Products |
Progress telerik Reporting
|
Wed, 09 Oct 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Progress
Progress telerik Report Server |
|
CPEs | cpe:2.3:a:progress:telerik_report_server:*:*:*:*:*:*:*:* | |
Vendors & Products |
Progress
Progress telerik Report Server |
|
Metrics |
ssvc
|
Wed, 09 Oct 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), an HTTP DoS attack is possible on anonymous endpoints without rate limiting. | |
Title | Uncontrolled resource consumption of anonymous endpoints | |
Weaknesses | CWE-400 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: ProgressSoftware
Published: 2024-10-09T14:45:30.445Z
Updated: 2024-10-09T16:17:21.325Z
Reserved: 2024-07-30T14:58:14.413Z
Link: CVE-2024-7294
Vulnrichment
Updated: 2024-10-09T16:17:08.948Z
NVD
Status : Analyzed
Published: 2024-10-09T15:15:16.463
Modified: 2024-10-15T14:51:43.663
Link: CVE-2024-7294
Redhat
No data.