OpenCVE

Local ABL Client bypass of the required PASOE security checks may allow an attacker to commit unauthorized code injection into Multi-Session Agents on supported OpenEdge LTS platforms up to OpenEdge LTS 11.7.18 and LTS 12.2.13 on all supported release platforms

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Progress	Openedge

Configuration 1 [-]

OR	cpe:2.3:a:progress:openedge::::::::
	cpe:2.3:a:progress:openedge::::::::

No data.

References

Link	Providers
https://community.progress.com/s/article/Direct-local-client-connections-to-MS-Agents-can-bypass-authentication

History

Tue, 03 Sep 2024 15:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Progress Progress openedge
CPEs		cpe:2.3:a:progress:openedge::::::::
Vendors & Products		Progress Progress openedge
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 03 Sep 2024 15:00:00 +0000

Type	Values Removed	Values Added
Description		Local ABL Client bypass of the required PASOE security checks may allow an attacker to commit unauthorized code injection into Multi-Session Agents on supported OpenEdge LTS platforms up to OpenEdge LTS 11.7.18 and LTS 12.2.13 on all supported release platforms
Title		Direct local client connections to MS Agents can bypass authentication
Weaknesses		CWE-94
References		https://community.progress.com/s/article/Direct-local-client-connections-to-MS-Agents-can-bypass-authentication
Metrics		cvssV3_1 `{'score': 8.3, 'vector': 'CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: ProgressSoftware

Published: 2024-09-03T14:50:15.520Z

Updated: 2024-09-03T15:08:13.876Z

Reserved: 2024-07-31T17:32:09.678Z

Link: CVE-2024-7345

Vulnrichment

Updated: 2024-09-03T15:08:08.132Z

NVD

Status : Analyzed

Published: 2024-09-03T15:15:16.707

Modified: 2024-09-05T14:11:00.493

Link: CVE-2024-7345

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-7345", "assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05", "state": "PUBLISHED", "assignerShortName": "ProgressSoftware", "dateReserved": "2024-07-31T17:32:09.678Z", "datePublished": "2024-09-03T14:50:15.520Z", "dateUpdated": "2024-09-03T15:08:13.876Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "modules": ["PASOE Application Server", "OpenEdge Authentication Gateway"], "platforms": ["Windows", "Linux", "64 bit", "x86", "32 bit"], "product": "OpenEdge", "vendor": "Progress", "versions": [{"lessThanOrEqual": "11.7.19", "status": "affected", "version": "11.7.0", "versionType": "custom"}, {"lessThanOrEqual": "12.2.14", "status": "affected", "version": "12.2.0", "versionType": "custom"}, {"status": "unaffected", "version": "12.8.0", "versionType": "custom"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An active instance of OpenEdge PASOE's Tomcat Webserver and local or system adjacent access to an ABL client on the Webserver host<br>"}], "value": "An active instance of OpenEdge PASOE's Tomcat Webserver and local or system adjacent access to an ABL client on the Webserver host"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Local ABL Client bypass of the required PASOE security checks may allow an attacker to commit unauthorized code injection into Multi-Session Agents on supported OpenEdge LTS platforms up to OpenEdge LTS 11.7.18 and LTS 12.2.13 on all supported release platforms"}], "value": "Local ABL Client bypass of the required PASOE security checks may allow an attacker to commit unauthorized code injection into Multi-Session Agents on supported OpenEdge LTS platforms up to OpenEdge LTS 11.7.18 and LTS 12.2.13 on all supported release platforms"}], "impacts": [{"capecId": "CAPEC-664", "descriptions": [{"lang": "en", "value": "CAPEC-664 Server Side Request Forgery"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05", "shortName": "ProgressSoftware", "dateUpdated": "2024-09-03T14:50:15.520Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://community.progress.com/s/article/Direct-local-client-connections-to-MS-Agents-can-bypass-authentication"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Use the 12.8.0 or above LTS release where the vulnerability does not exist<br>"}], "value": "Use the 12.8.0 or above LTS release where the vulnerability does not exist"}, {"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Use the 12.2 LTS release at the 12.2.14 Update level or above<br>"}], "value": "Use the 12.2 LTS release at the 12.2.14 Update level or above"}, {"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Use the 11.7 LTS release at the 11.7.19 Update level or above\n\n<br>"}], "value": "Use the 11.7 LTS release at the 11.7.19 Update level or above"}], "source": {"discovery": "UNKNOWN"}, "title": "Direct local client connections to MS Agents can bypass authentication", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div>Do not put client software on host webserver systems<br></div>"}], "value": "Do not put client software on host webserver systems"}, {"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Ensure the \"AppServer.SessMgr.agentHost\" property is set to \"localhost\" unless you are multi-hosting a single Webserver system<br>"}], "value": "Ensure the \"AppServer.SessMgr.agentHost\" property is set to \"localhost\" unless you are multi-hosting a single Webserver system"}, {"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Block agent listening ports from network access anywhere with the exception of the PASOE Tomcat Webserver's published listening port<br>"}], "value": "Block agent listening ports from network access anywhere with the exception of the PASOE Tomcat Webserver's published listening port"}, {"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Launch PASOE agent processes with \"least privilege\" system resource capabilities<br>"}], "value": "Launch PASOE agent processes with \"least privilege\" system resource capabilities"}], "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "progress", "product": "openedge", "cpes": ["cpe:2.3:a:progress:openedge:*:*:*:*:*:*:*:*"], "defaultStatus": "affected", "versions": [{"version": "11.7.0", "status": "affected", "lessThanOrEqual": "11.7.19", "versionType": "custom"}, {"version": "12.2.0", "status": "affected", "lessThanOrEqual": "12.2.14", "versionType": "custom"}, {"version": "12.8.0", "status": "unaffected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-03T15:06:48.221094Z", "id": "CVE-2024-7345", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-03T15:08:13.876Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-7345", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-03T15:06:48.221094Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:progress:openedge:*:*:*:*:*:*:*:*"], "vendor": "progress", "product": "openedge", "versions": [{"status": "affected", "version": "11.7.0", "versionType": "custom", "lessThanOrEqual": "11.7.19"}, {"status": "affected", "version": "12.2.0", "versionType": "custom", "lessThanOrEqual": "12.2.14"}, {"status": "unaffected", "version": "12.8.0"}], "defaultStatus": "affected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-03T15:08:08.132Z"}}], "cna": {"title": "Direct local client connections to MS Agents can bypass authentication", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-664", "descriptions": [{"lang": "en", "value": "CAPEC-664 Server Side Request Forgery"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.3, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Progress", "modules": ["PASOE Application Server", "OpenEdge Authentication Gateway"], "product": "OpenEdge", "versions": [{"status": "affected", "version": "11.7.0", "versionType": "custom", "lessThanOrEqual": "11.7.19"}, {"status": "affected", "version": "12.2.0", "versionType": "custom", "lessThanOrEqual": "12.2.14"}, {"status": "unaffected", "version": "12.8.0", "versionType": "custom"}], "platforms": ["Windows", "Linux", "64 bit", "x86", "32 bit"], "defaultStatus": "affected"}], "solutions": [{"lang": "en", "value": "Use the 12.8.0 or above LTS release where the vulnerability does not exist", "supportingMedia": [{"type": "text/html", "value": "Use the 12.8.0 or above LTS release where the vulnerability does not exist<br>", "base64": false}]}, {"lang": "en", "value": "Use the 12.2 LTS release at the 12.2.14 Update level or above", "supportingMedia": [{"type": "text/html", "value": "Use the 12.2 LTS release at the 12.2.14 Update level or above<br>", "base64": false}]}, {"lang": "en", "value": "Use the 11.7 LTS release at the 11.7.19 Update level or above", "supportingMedia": [{"type": "text/html", "value": "Use the 11.7 LTS release at the 11.7.19 Update level or above\n\n<br>", "base64": false}]}], "references": [{"url": "https://community.progress.com/s/article/Direct-local-client-connections-to-MS-Agents-can-bypass-authentication", "tags": ["vendor-advisory"]}], "workarounds": [{"lang": "en", "value": "Do not put client software on host webserver systems", "supportingMedia": [{"type": "text/html", "value": "<div>Do not put client software on host webserver systems<br></div>", "base64": false}]}, {"lang": "en", "value": "Ensure the \"AppServer.SessMgr.agentHost\" property is set to \"localhost\" unless you are multi-hosting a single Webserver system", "supportingMedia": [{"type": "text/html", "value": "Ensure the \"AppServer.SessMgr.agentHost\" property is set to \"localhost\" unless you are multi-hosting a single Webserver system<br>", "base64": false}]}, {"lang": "en", "value": "Block agent listening ports from network access anywhere with the exception of the PASOE Tomcat Webserver's published listening port", "supportingMedia": [{"type": "text/html", "value": "Block agent listening ports from network access anywhere with the exception of the PASOE Tomcat Webserver's published listening port<br>", "base64": false}]}, {"lang": "en", "value": "Launch PASOE agent processes with \"least privilege\" system resource capabilities", "supportingMedia": [{"type": "text/html", "value": "Launch PASOE agent processes with \"least privilege\" system resource capabilities<br>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Local ABL Client bypass of the required PASOE security checks may allow an attacker to commit unauthorized code injection into Multi-Session Agents on supported OpenEdge LTS platforms up to OpenEdge LTS 11.7.18 and LTS 12.2.13 on all supported release platforms", "supportingMedia": [{"type": "text/html", "value": "Local ABL Client bypass of the required PASOE security checks may allow an attacker to commit unauthorized code injection into Multi-Session Agents on supported OpenEdge LTS platforms up to OpenEdge LTS 11.7.18 and LTS 12.2.13 on all supported release platforms", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "configurations": [{"lang": "en", "value": "An active instance of OpenEdge PASOE's Tomcat Webserver and local or system adjacent access to an ABL client on the Webserver host", "supportingMedia": [{"type": "text/html", "value": "An active instance of OpenEdge PASOE's Tomcat Webserver and local or system adjacent access to an ABL client on the Webserver host<br>", "base64": false}]}], "providerMetadata": {"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05", "shortName": "ProgressSoftware", "dateUpdated": "2024-09-03T14:50:15.520Z"}}}, "cveMetadata": {"cveId": "CVE-2024-7345", "state": "PUBLISHED", "dateUpdated": "2024-09-03T15:08:13.876Z", "dateReserved": "2024-07-31T17:32:09.678Z", "assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05", "datePublished": "2024-09-03T14:50:15.520Z", "assignerShortName": "ProgressSoftware"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:progress:openedge:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E38EE20-1A60-46BB-8045-965B60B09B68", "versionEndIncluding": "11.7.18", "vulnerable": true}, {"criteria": "cpe:2.3:a:progress:openedge:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE560C37-3845-4B18-BDDC-38FF65C4CA2C", "versionEndIncluding": "12.2.13", "versionStartIncluding": "12.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Local ABL Client bypass of the required PASOE security checks may allow an attacker to commit unauthorized code injection into Multi-Session Agents on supported OpenEdge LTS platforms up to OpenEdge LTS 11.7.18 and LTS 12.2.13 on all supported release platforms"}, {"lang": "es", "value": "La omisi\u00f3n por parte del cliente ABL local de las comprobaciones de seguridad PASOE requeridas puede permitir que un atacante realice una inyecci\u00f3n de c\u00f3digo no autorizada en agentes multisesi\u00f3n en plataformas OpenEdge LTS compatibles hasta OpenEdge LTS 11.7.18 y LTS 12.2.13 en todas las plataformas de lanzamiento compatibles"}], "id": "CVE-2024-7345", "lastModified": "2024-09-05T14:11:00.493", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 6.0, "source": "security@progress.com", "type": "Secondary"}]}, "published": "2024-09-03T15:15:16.707", "references": [{"source": "security@progress.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://community.progress.com/s/article/Direct-local-client-connections-to-MS-Agents-can-bypass-authentication"}], "sourceIdentifier": "security@progress.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-94"}], "source": "security@progress.com", "type": "Secondary"}]}