vulnerability

Authentication Bypass in Telerik Report Server

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
10	(AV:N/AC:L/Au:N/C:C/I:C/A:C)	May 29, 2024	Jun 20, 2024	Jun 21, 2024

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

May 29, 2024

Added

Jun 20, 2024

Modified

Jun 21, 2024

Description

In Progress Telerik Report Server, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability.

Solution

telerik-report-server-upgrade-latest

References

CVE-2024-4358
https://attackerkb.com/topics/CVE-2024-4358
URL-https://docs.telerik.com/report-server/knowledge-base/registration-auth-bypass-cve-2024-4358

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today