In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible through object injection via an insecure type resolution vulnerability.
Metrics
Affected Vendors & Products
References
History
Tue, 15 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Progress
Progress telerik Reporting |
|
CPEs | cpe:2.3:a:progress:telerik_reporting:*:*:*:*:*:*:*:* | |
Vendors & Products |
Progress
Progress telerik Reporting |
Wed, 09 Oct 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Progress Software
Progress Software telerik Reporting |
|
CPEs | cpe:2.3:a:progress_software:telerik_reporting:*:*:*:*:*:*:*:* | |
Vendors & Products |
Progress Software
Progress Software telerik Reporting |
|
Metrics |
ssvc
|
Wed, 09 Oct 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible through object injection via an insecure type resolution vulnerability. | |
Title | Telerik Reporting EntityDataSource Insecure Type Resolution | |
Weaknesses | CWE-470 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: ProgressSoftware
Published: 2024-10-09T14:16:33.764Z
Updated: 2024-10-09T16:05:56.794Z
Reserved: 2024-08-20T16:06:14.930Z
Link: CVE-2024-8014
Vulnrichment
Updated: 2024-10-09T16:05:51.229Z
NVD
Status : Analyzed
Published: 2024-10-09T15:15:16.883
Modified: 2024-10-15T14:54:09.580
Link: CVE-2024-8014
Redhat
No data.