
A newly disclosed vulnerability, tracked as CVE-2024-1403, has been identified in Progress Software OpenEdge Authentication Gateway and AdminServer.

🚨 Critical Security Alert 🚨 A newly disclosed vulnerability, tracked as CVE-2024-1403, has been identified in Progress Software OpenEdge Authentication Gateway and AdminServer. This flaw could potentially allow attackers to bypass authentication protections, leading to unauthorized access. With a severity rating of 10.0 on the CVSS scoring system, it's crucial to take action.

The vulnerability impacts OpenEdge versions 11.7.18 and earlier, 12.2.13 and earlier, and 12.8.0. Progress Software has released fixes in OpenEdge LTS Update 11.7.19, 12.2.14, and 12.8.1 to address this issue.
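As an added example (not code from Progress Software or from the original post), the following Python triages an inventory against the version ranges stated above. It assumes plain dotted version strings, reads "and earlier" as covering older release branches, and flags branches the post does not name (such as 12.5) for manual review; the host names and versions are constructed.

```python
import re

# Fixed update per release branch, as listed in the post above.
FIXED = {(11, 7): 19, (12, 2): 14, (12, 8): 1}

def classify(version: str) -> str:
    """Classify a dotted OpenEdge version string for CVE-2024-1403."""
    m = re.fullmatch(r"(\d+)\.(\d+)(?:\.(\d+))?(?:\.\d+)*", version.strip())
    if not m:
        return "unparsed"
    v = (int(m[1]), int(m[2]), int(m[3] or 0))
    fixed = FIXED.get(v[:2])
    if fixed is not None:
        return "patched" if v[2] >= fixed else "affected"
    # Assumption: "and earlier" also covers branches older than 12.2
    # (e.g. 11.6, 12.1), which have no fixed release listed in the post.
    if v < (12, 2, 0):
        return "affected"
    # Branches the post does not name (12.3 to 12.7, anything after 12.8).
    return "review"

def triage(inventory: dict) -> dict:
    """Map each host to its status, keeping only hosts that need action."""
    statuses = {host: classify(ver) for host, ver in inventory.items()}
    return {h: s for h, s in statuses.items() if s != "patched"}

# Constructed sample inventory (host names and versions are made up).
SAMPLE = {
    "oe-app-01": "11.7.18",
    "oe-app-02": "11.7.19",
    "oe-db-01": "12.2.13",
    "oe-db-02": "12.8.1",
    "oe-dev-01": "12.5.2",
    "oe-old-01": "11.6.4",
    "oe-lab-01": "n/a",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE).items()):
        print(f"{host}: {SAMPLE[host]} -> {status}")
```

Hosts reported as "review" or "unparsed" need a manual check against the vendor advisory rather than being treated as safe.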

A proof-of-concept (PoC) exploit for CVE-2024-1403 has been made available, revealing that unauthorized access could occur due to improper handling of unexpected username and password inputs. Security experts at Horizon3.ai have dissected the vulnerable AdminServer service, uncovering potential avenues for remote code execution.

Stay vigilant and ensure your systems are updated to the latest patched versions to mitigate the risk posed by this critical vulnerability. #CyberSecurity #CVE20241403 #ProgressSoftware #OpenEdge #PatchNow