In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is possible through object injection via an insecure type resolution vulnerability.
Metrics
Affected Vendors & Products
References
History
Tue, 15 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Progress
Progress telerik Report Server |
|
CPEs | cpe:2.3:a:progress:telerik_report_server:*:*:*:*:*:*:*:* | |
Vendors & Products |
Progress
Progress telerik Report Server |
Wed, 09 Oct 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Progress Software
Progress Software telerik Reporting |
|
CPEs | cpe:2.3:a:progress_software:telerik_reporting:*:*:*:*:*:*:*:* | |
Vendors & Products |
Progress Software
Progress Software telerik Reporting |
|
Metrics |
ssvc
|
Wed, 09 Oct 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is possible through object injection via an insecure type resolution vulnerability. | |
Title | Telerik Report Server Insecure Type Resolution | |
Weaknesses | CWE-470 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: ProgressSoftware
Published: 2024-10-09T14:49:19.603Z
Updated: 2024-10-09T16:06:49.209Z
Reserved: 2024-08-20T16:06:35.623Z
Link: CVE-2024-8015
Vulnrichment
Updated: 2024-10-09T16:06:43.005Z
NVD
Status : Analyzed
Published: 2024-10-09T15:15:17.097
Modified: 2024-10-15T14:55:12.340
Link: CVE-2024-8015
Redhat
No data.