Lucene search
ProgressSoftwareCVE-2024-4202HistoryMay 15, 2024 - 5:15 p.m.
CVE-2024-4202
2024-05-1517:15:15
CWE-94
ProgressSoftware
web.nvd.nist.gov
6
cve-2024-4202
progress telerik reporting
code execution
insecure instantiation
nvd
CVSS3
7.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
AI Score
7.2
Confidence
Low
EPSS
0
Percentile
9.0%
In Progress® Telerik® Reporting versions prior to 2024 Q2 (18.1.24.514), a code execution attack is possible through an insecure instantiation vulnerability.
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux"
],
"product": "Telerik Reporting",
"vendor": "Progress Software Corporation",
"versions": [
{
"lessThan": "18.1.24.2.514",
"status": "affected",
"version": "1.0.0.0",
"versionType": "semver"
}
]
}
]Related
nvd
nvd
CVE-2024-4202
2024-05-15 17:15:15
vulnrichment
vulnrichment
CVE-2024-4202 Progress Telerik Reporting Local Instantiation Vulnerability
2024-05-15 16:53:30
cvelist
cvelist
CVE-2024-4202 Progress Telerik Reporting Local Instantiation Vulnerability
2024-05-15 16:53:30
nessus
nessus
Progress Telerik Reporting < 2024 Q2 (18.1.24.514) Multiple Vulnerabilities
2024-05-17 00:00:00
CVSS3
7.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
AI Score
7.2
Confidence
Low
EPSS
0
Percentile
9.0%
Related for CVE-2024-4202