Search criteria
145 vulnerabilities
CVE-2025-13147 (GCVE-0-2025-13147)
Vulnerability from cvelistv5 – Published: 2025-11-19 20:45 – Updated: 2025-11-19 20:50
VLAI?
Summary
Server-Side Request Forgery (SSRF) vulnerability in Progress MOVEit Transfer.This issue affects MOVEit Transfer: before 2024.1.8, from 2025.0.0 before 2025.0.4.
Severity ?
5.3 (Medium)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress | MOVEit Transfer |
Affected:
0 , < 2024.1.8
(semver)
Affected: 2025.0.0 , < 2025.0.4 (semver) |
Credits
Early Warning Services
Michael McCambridge
Brian Tigges
Jason Scribner
Alex Achs
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13147",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-19T20:49:54.892323Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T20:50:10.151Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MOVEit Transfer",
"vendor": "Progress",
"versions": [
{
"lessThan": "2024.1.8",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "2025.0.4",
"status": "affected",
"version": "2025.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Early Warning Services"
},
{
"lang": "en",
"type": "finder",
"value": "Michael McCambridge"
},
{
"lang": "en",
"type": "finder",
"value": "Brian Tigges"
},
{
"lang": "en",
"type": "finder",
"value": "Jason Scribner"
},
{
"lang": "en",
"type": "finder",
"value": "Alex Achs"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Server-Side Request Forgery (SSRF) vulnerability in Progress MOVEit Transfer.\u003cp\u003eThis issue affects MOVEit Transfer: before 2024.1.8, from 2025.0.0 before 2025.0.4.\u003c/p\u003e"
}
],
"value": "Server-Side Request Forgery (SSRF) vulnerability in Progress MOVEit Transfer.This issue affects MOVEit Transfer: before 2024.1.8, from 2025.0.0 before 2025.0.4."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T20:45:48.418Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://docs.progress.com/bundle/moveit-transfer-release-notes-2024/page/Fixed-Issues-in-2024.1.8.html"
},
{
"url": "https://docs.progress.com/bundle/moveit-transfer-release-notes-2025/page/Fixed-Issues-in-2025.0.4.html"
},
{
"url": "https://docs.progress.com/bundle/moveit-transfer-release-notes-2025_1/page/Fixed-Issues-in-2025.1.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "External Service Interaction (DNS)",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-13147",
"datePublished": "2025-11-19T20:45:48.418Z",
"dateReserved": "2025-11-13T20:06:29.891Z",
"dateUpdated": "2025-11-19T20:50:10.151Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10703 (GCVE-0-2025-10703)
Vulnerability from cvelistv5 – Published: 2025-11-19 15:47 – Updated: 2025-11-20 04:55
VLAI?
Summary
Improper Control of Generation of Code ('Code Injection') vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion.
The SpyAttribute connection option implemented by the DataDirect Connect for JDBC drivers, DataDirect Hybrid Data Pipeline JDBC driver and the DataDirect OpenAccess JDBC driver log=(file) construct allows the user to specify an arbitrary file for the JDBC driver to write its log information to. If an application allows an end user to specify a value for the SpyAttributes connection option then an attacker could cause java script to be written to a log file. If the log file was in the correct location with the correct extension, an application server could see that log file as a resource to be served. The attacker could fetch the resource from the server causing the java script to be executed.
This issue affects:
DataDirect Connect for JDBC for Amazon Redshift: through 6.0.0.001392, fixed in 6.0.0.001541
DataDirect Connect for JDBC for Apache Cassandra: through 6.0.0.000805, fixed in 6.0.0.000833
DataDirect Connect for JDBC for Hive: through 6.0.1.001499, fixed in 6.0.1.001628
DataDirect Connect for JDBC for Apache Impala: through 6.0.0.001155, fixed in 6.0.0.001279
DataDirect Connect for JDBC for Apache SparkSQL: through 6.0.1.001222, fixed in 6.0.1.001344
DataDirect Connect for JDBC Autonomous REST Connector: through 6.0.1.006961, fixed in 6.0.1.007063
DataDirect Connect for JDBC for DB2: through 6.0.0.000717, fixed in 6.0.0.000964
DataDirect Connect for JDBC for Google Analytics 4: through 6.0.0.000454, fixed in 6.0.0.000525
DataDirect Connect for JDBC for Google BigQuery: through 6.0.0.002279, fixed in 6.0.0.002410
DataDirect Connect for JDBC for Greenplum: through 6.0.0.001712, fixed in 6.0.0.001727
DataDirect Connect for JDBC for Informix: through 6.0.0.000690, fixed in 6.0.0.0851
DataDirect Connect for JDBC for Microsoft Dynamics 365: through 6.0.0.003161, fixed in 6.0.0.3198
DataDirect Connect for JDBC for Microsoft SQLServer: through 6.0.0.001936, fixed in 6.0.0.001957
DataDirect Connect for JDBC for Microsoft Sharepoint: through 6.0.0.001559, fixed in 6.0.0.001587
DataDirect Connect for JDBC for MongoDB: through 6.1.0.001654, fixed in 6.1.0.001669
DataDirect Connect for JDBC for MySQL: through 5.1.4.000330, fixed in 5.1.4.000364
DataDirect Connect for JDBC for Oracle Database: through 6.0.0.001747, fixed in 6.0.0.001776
DataDirect Connect for JDBC for Oracle Eloqua: through 6.0.0.001438, fixed in 6.0.0.001458
DataDirect Connect for JDBC for Oracle Sales Cloud: through 6.0.0.001225, fixed in 6.0.0.001316
DataDirect Connect for JDBC for Oracle Service Cloud: through 5.1.4.000298, fixed in 5.1.4.000309
DataDirect Connect for JDBC for PostgreSQL: through 6.0.0.001843, fixed in 6.0.0.001856
DataDirect Connect for JDBC for Progress OpenEdge: through 5.1.4.000187, fixed in 5.1.4.000189
DataDirect Connect for JDBC for Salesforce: through 6.0.0.003020, fixed in 6.0.0.003125
DataDirect Connect for JDBC for SAP HANA: through 6.0.0.000879, product retired
DataDirect Connect for JDBC for SAP S/4 HANA: through 6.0.1.001818, fixed in 6.0.1.001858
DataDirect Connect for JDBC for Sybase ASE: through 5.1.4.000161, fixed in 5.1.4.000162
DataDirect Connect for JDBC for Snowflake: through 6.0.1.001821, fixed in 6.0.1.001856
DataDirect Hybrid Data Pipeline Server: through 4.6.2.3309, fixed in 4.6.2.3430
DataDirect Hybrid Data Pipeline JDBC Driver: through 4.6.2.0607, fixed in 4.6.2.1023
DataDirect Hybrid Data Pipeline On Premises Connector: through 4.6.2.1223, fixed in 4.6.2.1339
DataDirect Hybrid Data Pipeline Docker: through 4.6.2.3316, fixed in 4.6.2.3430
DataDirect OpenAccess JDBC Driver: through 8.1.0.0177, fixed in 8.1.0.0183
DataDirect OpenAccess JDBC Driver: through 9.0.0.0019, fixed in 9.0.0.0022
Severity ?
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Progress | DataDirect Connect for JDBC for Amazon Redshift |
Affected:
0 , ≤ 6.0.0.001392
(custom)
Unaffected: 6.0.0.001541 (custom) |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Brecht Snijders of Triskele Labs
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10703",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-19T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T04:55:24.843Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Amazon Redshift",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001392",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001541",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Apache Cassandra",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.000805",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.000833",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Hive",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.1.001499",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.1.001628",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Apache Impala",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001155",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.1279",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Apache SparkSQL",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.1.001222",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.1.001344",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC Autonomous REST Connector",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.1.006961",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.1.007063",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for DB2",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.000717",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.000964",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Google Analytics 4",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.000454",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.000525"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Google BigQuery",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.002279",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.002410",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Greenplum",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001712",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001727",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Informix",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.000690",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.000851",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Microsoft Dynamics 365",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.003161",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.003198",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Microsoft SQLServer",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001936",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001957",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Microsoft Sharepoint",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001559",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001587",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for MongoDB",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.1.0.001654",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.1.0.001669",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for MySQL",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "5.1.4.000330",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "5.1.4.000364",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Oracle Database",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001747",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001776",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Oracle Eloqua",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001438",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001458",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Oracle Sales Cloud",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001225",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001316",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Oracle Service Cloud",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "5.1.4.000298",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "5.1.4.000309",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for PostgreSQL",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001843",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001856",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Progress OpenEdge",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "5.1.4.000187",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "5.1.4.000189",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Salesforce",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.003020",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.003125",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for SAP HANA",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.000879",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for SAP S/4 HANA",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001818",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.1.001858",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Sybase ASE",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "5.1.4.000161",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "5.1.4.000162",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Snowflake",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.1.001821",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.1.001856",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Hybrid Data Pipeline Server",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "4.6.2.3309",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.6.2.3430",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Hybrid Data Pipeline JDBC Driver",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "4.6.2.0607",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.6.2.1023",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Hybrid Data Pipeline On Premises Connector",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "4.6.2.1223",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.6.2.1339",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Hybrid Data Pipeline Docker",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "4.6.2.3316",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.6.2.3430",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect OpenAccess JDBC Driver",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "8.1.0.0177",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "8.1.0.0183",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect OpenAccess JDBC Driver",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "9.0.0.0019",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "9.0.0.0022",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Brecht Snijders of Triskele Labs"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion.\u003cbr\u003e\u003cbr\u003eThe SpyAttribute connection option implemented by the DataDirect Connect for JDBC drivers, DataDirect Hybrid Data Pipeline JDBC driver and the DataDirect OpenAccess JDBC driver log=(file) construct allows the user to specify an arbitrary file for the JDBC driver to write its log information to.\u0026nbsp; If an application allows an end user to specify a value for the SpyAttributes connection option then an attacker could cause java script to be written to a log file.\u0026nbsp; If the log file was in the correct location with the correct extension, an application server could see that log file as a resource to be served.\u0026nbsp; The attacker could fetch the resource from the server causing the java script to be executed.\u003cbr\u003e\u003cbr\u003e\u003cp\u003e\n\n\u003c/p\u003e\u003cdiv\u003eThis issue affects:\u003c/div\u003e\u003cdiv\u003e\n\n\u003cdiv\u003eDataDirect Connect for JDBC for Amazon Redshift: through 6.0.0.001392, fixed in 6.0.0.001541\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Apache Cassandra: through 6.0.0.000805, fixed in 6.0.0.000833\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Hive: through 6.0.1.001499, fixed in 6.0.1.001628\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Apache Impala: through 6.0.0.001155, fixed in 6.0.0.001279\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Apache SparkSQL: through 6.0.1.001222, fixed in 6.0.1.001344\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC Autonomous REST Connector: through 6.0.1.006961, fixed in 6.0.1.007063\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for DB2: through 6.0.0.000717, fixed in 6.0.0.000964\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Google Analytics 4: through 6.0.0.000454, fixed in 6.0.0.000525\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Google BigQuery: through 6.0.0.002279, fixed in 6.0.0.002410\u003cbr\u003eDataDirect Connect for JDBC for Greenplum: through 6.0.0.001712, fixed in 6.0.0.001727\u003cbr\u003eDataDirect Connect for JDBC for Informix: through 6.0.0.000690, fixed in 6.0.0.0851\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Microsoft Dynamics 365: through 6.0.0.003161, fixed in 6.0.0.3198\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Microsoft SQLServer: through 6.0.0.001936, fixed in 6.0.0.001957\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Microsoft Sharepoint: through 6.0.0.001559, fixed in 6.0.0.001587\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for MongoDB: through 6.1.0.001654, fixed in 6.1.0.001669\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for MySQL: through 5.1.4.000330, fixed in 5.1.4.000364\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Oracle Database: through 6.0.0.001747, fixed in 6.0.0.001776\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Oracle Eloqua: through 6.0.0.001438, fixed in 6.0.0.001458\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Oracle Sales Cloud: through 6.0.0.001225, fixed in 6.0.0.001316\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Oracle Service Cloud: through 5.1.4.000298, fixed in 5.1.4.000309\u003cbr\u003eDataDirect Connect for JDBC for PostgreSQL: through 6.0.0.001843, fixed in 6.0.0.001856\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Progress OpenEdge: through 5.1.4.000187, fixed in 5.1.4.000189\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Salesforce: through 6.0.0.003020, fixed in 6.0.0.003125\u003cbr\u003eDataDirect Connect for JDBC for SAP HANA: through 6.0.0.000879, product retired\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for SAP S/4 HANA: through 6.0.1.001818, fixed in 6.0.1.001858\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Sybase ASE: through 5.1.4.000161, fixed in 5.1.4.000162\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Snowflake: through 6.0.1.001821, fixed in 6.0.1.001856\u003c/div\u003e\u003cdiv\u003eDataDirect Hybrid Data Pipeline Server: through 4.6.2.3309, fixed in 4.6.2.3430\u003c/div\u003e\u003cdiv\u003eDataDirect Hybrid Data Pipeline JDBC Driver: through 4.6.2.0607, fixed in 4.6.2.1023\u003c/div\u003e\u003cdiv\u003eDataDirect Hybrid Data Pipeline On Premises Connector: through 4.6.2.1223, fixed in 4.6.2.1339\u003cbr\u003eDataDirect Hybrid Data Pipeline Docker: through 4.6.2.3316, fixed in 4.6.2.3430\u003c/div\u003e\u003cdiv\u003eDataDirect OpenAccess JDBC Driver: through 8.1.0.0177, fixed in 8.1.0.0183\u003c/div\u003e\u003cdiv\u003eDataDirect OpenAccess JDBC Driver: through 9.0.0.0019, fixed in 9.0.0.0022\u003c/div\u003e\n\n\u003cbr\u003e\u003c/div\u003e\n\n\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Improper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion.\n\nThe SpyAttribute connection option implemented by the DataDirect Connect for JDBC drivers, DataDirect Hybrid Data Pipeline JDBC driver and the DataDirect OpenAccess JDBC driver log=(file) construct allows the user to specify an arbitrary file for the JDBC driver to write its log information to.\u00a0 If an application allows an end user to specify a value for the SpyAttributes connection option then an attacker could cause java script to be written to a log file.\u00a0 If the log file was in the correct location with the correct extension, an application server could see that log file as a resource to be served.\u00a0 The attacker could fetch the resource from the server causing the java script to be executed.\n\n\n\n\n\nThis issue affects:\n\n\n\nDataDirect Connect for JDBC for Amazon Redshift: through 6.0.0.001392, fixed in 6.0.0.001541\n\nDataDirect Connect for JDBC for Apache Cassandra: through 6.0.0.000805, fixed in 6.0.0.000833\n\nDataDirect Connect for JDBC for Hive: through 6.0.1.001499, fixed in 6.0.1.001628\n\nDataDirect Connect for JDBC for Apache Impala: through 6.0.0.001155, fixed in 6.0.0.001279\n\nDataDirect Connect for JDBC for Apache SparkSQL: through 6.0.1.001222, fixed in 6.0.1.001344\n\nDataDirect Connect for JDBC Autonomous REST Connector: through 6.0.1.006961, fixed in 6.0.1.007063\n\nDataDirect Connect for JDBC for DB2: through 6.0.0.000717, fixed in 6.0.0.000964\n\nDataDirect Connect for JDBC for Google Analytics 4: through 6.0.0.000454, fixed in 6.0.0.000525\n\nDataDirect Connect for JDBC for Google BigQuery: through 6.0.0.002279, fixed in 6.0.0.002410\nDataDirect Connect for JDBC for Greenplum: through 6.0.0.001712, fixed in 6.0.0.001727\nDataDirect Connect for JDBC for Informix: through 6.0.0.000690, fixed in 6.0.0.0851\n\n\nDataDirect Connect for JDBC for Microsoft Dynamics 365: through 6.0.0.003161, fixed in 6.0.0.3198\n\nDataDirect Connect for JDBC for Microsoft SQLServer: through 6.0.0.001936, fixed in 6.0.0.001957\n\nDataDirect Connect for JDBC for Microsoft Sharepoint: through 6.0.0.001559, fixed in 6.0.0.001587\n\nDataDirect Connect for JDBC for MongoDB: through 6.1.0.001654, fixed in 6.1.0.001669\n\nDataDirect Connect for JDBC for MySQL: through 5.1.4.000330, fixed in 5.1.4.000364\n\nDataDirect Connect for JDBC for Oracle Database: through 6.0.0.001747, fixed in 6.0.0.001776\n\nDataDirect Connect for JDBC for Oracle Eloqua: through 6.0.0.001438, fixed in 6.0.0.001458\n\nDataDirect Connect for JDBC for Oracle Sales Cloud: through 6.0.0.001225, fixed in 6.0.0.001316\n\nDataDirect Connect for JDBC for Oracle Service Cloud: through 5.1.4.000298, fixed in 5.1.4.000309\nDataDirect Connect for JDBC for PostgreSQL: through 6.0.0.001843, fixed in 6.0.0.001856\n\n\nDataDirect Connect for JDBC for Progress OpenEdge: through 5.1.4.000187, fixed in 5.1.4.000189\n\nDataDirect Connect for JDBC for Salesforce: through 6.0.0.003020, fixed in 6.0.0.003125\nDataDirect Connect for JDBC for SAP HANA: through 6.0.0.000879, product retired\n\nDataDirect Connect for JDBC for SAP S/4 HANA: through 6.0.1.001818, fixed in 6.0.1.001858\n\nDataDirect Connect for JDBC for Sybase ASE: through 5.1.4.000161, fixed in 5.1.4.000162\n\nDataDirect Connect for JDBC for Snowflake: through 6.0.1.001821, fixed in 6.0.1.001856\n\nDataDirect Hybrid Data Pipeline Server: through 4.6.2.3309, fixed in 4.6.2.3430\n\nDataDirect Hybrid Data Pipeline JDBC Driver: through 4.6.2.0607, fixed in 4.6.2.1023\n\nDataDirect Hybrid Data Pipeline On Premises Connector: through 4.6.2.1223, fixed in 4.6.2.1339\nDataDirect Hybrid Data Pipeline Docker: through 4.6.2.3316, fixed in 4.6.2.3430\n\nDataDirect OpenAccess JDBC Driver: through 8.1.0.0177, fixed in 8.1.0.0183\n\nDataDirect OpenAccess JDBC Driver: through 9.0.0.0019, fixed in 9.0.0.0022"
}
],
"impacts": [
{
"capecId": "CAPEC-253",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-253 Remote Code Inclusion"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T15:47:07.908Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://community.progress.com/s/article/Progress-DataDirect-Critical-Security-Product-Alert-Bulletin-November-2025"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-10703",
"datePublished": "2025-11-19T15:47:07.908Z",
"dateReserved": "2025-09-18T19:40:28.783Z",
"dateUpdated": "2025-11-20T04:55:24.843Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10702 (GCVE-0-2025-10702)
Vulnerability from cvelistv5 – Published: 2025-11-19 15:46 – Updated: 2025-11-20 04:55
VLAI?
Summary
Improper Control of Generation of Code ('Code Injection') vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion.
The SpyAttribute connection option implemented by the DataDirect Connect for JDBC drivers, DataDirect Hybrid Data Pipeline JDBC driver and the DataDirect OpenAccess JDBC driver supports an undocumented syntax construct for the option value that if discovered can be used by an attacker. If an application allows an end user to specify a value for the SpyAttributes connection option then an attacker can use the undocumented syntax to cause the driver to load an arbitrary class on the class path and execute a constructor on that class.
This issue affects:
DataDirect Connect for JDBC for Amazon Redshift: through 6.0.0.001392, fixed in 6.0.0.001541
DataDirect Connect for JDBC for Apache Cassandra: through 6.0.0.000805, fixed in 6.0.0.000833
DataDirect Connect for JDBC for Hive: through 6.0.1.001499, fixed in 6.0.1.001628
DataDirect Connect for JDBC for Apache Impala: through 6.0.0.001155, fixed in 6.0.0.001279
DataDirect Connect for JDBC for Apache SparkSQL: through 6.0.1.001222, fixed in 6.0.1.001344
DataDirect Connect for JDBC Autonomous REST Connector: through 6.0.1.006961, fixed in 6.0.1.007063
DataDirect Connect for JDBC for DB2: through 6.0.0.000717, fixed in 6.0.0.000964
DataDirect Connect for JDBC for Google Analytics 4: through 6.0.0.000454, fixed in 6.0.0.000525
DataDirect Connect for JDBC for Google BigQuery: through 6.0.0.002279, fixed in 6.0.0.002410
DataDirect Connect for JDBC for Greenplum: through 6.0.0.001712, fixed in 6.0.0.001727
DataDirect Connect for JDBC for Informix: through 6.0.0.000690, fixed in 6.0.0.0851
DataDirect Connect for JDBC for Microsoft Dynamics 365: through 6.0.0.003161, fixed in 6.0.0.3198
DataDirect Connect for JDBC for Microsoft SQLServer: through 6.0.0.001936, fixed in 6.0.0.001957
DataDirect Connect for JDBC for Microsoft Sharepoint: through 6.0.0.001559, fixed in 6.0.0.001587
DataDirect Connect for JDBC for MongoDB: through 6.1.0.001654, fixed in 6.1.0.001669
DataDirect Connect for JDBC for MySQL: through 5.1.4.000330, fixed in 5.1.4.000364
DataDirect Connect for JDBC for Oracle Database: through 6.0.0.001747, fixed in 6.0.0.001776
DataDirect Connect for JDBC for Oracle Eloqua: through 6.0.0.001438, fixed in 6.0.0.001458
DataDirect Connect for JDBC for Oracle Sales Cloud: through 6.0.0.001225, fixed in 6.0.0.001316
DataDirect Connect for JDBC for Oracle Service Cloud: through 5.1.4.000298, fixed in 5.1.4.000309
DataDirect Connect for JDBC for PostgreSQL: through 6.0.0.001843, fixed in 6.0.0.001856
DataDirect Connect for JDBC for Progress OpenEdge: through 5.1.4.000187, fixed in 5.1.4.000189
DataDirect Connect for JDBC for Salesforce: through 6.0.0.003020, fixed in 6.0.0.003125
DataDirect Connect for JDBC for SAP HANA: through 6.0.0.000879, product retired
DataDirect Connect for JDBC for SAP S/4 HANA: through 6.0.1.001818, fixed in 6.0.1.001858
DataDirect Connect for JDBC for Sybase ASE: through 5.1.4.000161, fixed in 5.1.4.000162
DataDirect Connect for JDBC for Snowflake: through 6.0.1.001821, fixed in 6.0.1.001856
DataDirect Hybrid Data Pipeline Server: through 4.6.2.3309, fixed in 4.6.2.3430
DataDirect Hybrid Data Pipeline JDBC Driver: through 4.6.2.0607, fixed in 4.6.2.1023
DataDirect Hybrid Data Pipeline On Premises Connector: through 4.6.2.1223, fixed in 4.6.2.1339
DataDirect Hybrid Data Pipeline Docker: through 4.6.2.3316, fixed in 4.6.2.3430
DataDirect OpenAccess JDBC Driver: through 8.1.0.0177, fixed in 8.1.0.0183
DataDirect OpenAccess JDBC Driver: through 9.0.0.0019, fixed in 9.0.0.0022
Severity ?
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Progress | DataDirect Connect for JDBC for Amazon Redshift |
Affected:
0 , ≤ 6.0.0.001392
(custom)
Unaffected: 6.0.0.001541 (custom) |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Brecht Snijders of Triskele Labs
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10702",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-19T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T04:55:24.080Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Amazon Redshift",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001392",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001541",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Apache Cassandra",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.000805",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.000833",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Hive",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.1.001499",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.1.001628",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Apache Impala",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001155",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.1279",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Apache SparkSQL",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.1.001222",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.1.001344",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC Autonomous REST Connector",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.1.006961",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.1.007063",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for DB2",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.000717",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.000964",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Google Analytics 4",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.000454",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.000525"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Google BigQuery",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.002279",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.002410",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Greenplum",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001712",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001727",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Informix",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.000690",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.000851",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Microsoft Dynamics 365",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.003161",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.003198",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Microsoft SQLServer",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001936",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001957",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Microsoft Sharepoint",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001559",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001587",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for MongoDB",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.1.0.001654",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.1.0.001669",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for MySQL",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "5.1.4.000330",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "5.1.4.000364",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Oracle Database",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001747",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001776",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Oracle Eloqua",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001438",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001458",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Oracle Sales Cloud",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001225",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001316",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Oracle Service Cloud",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "5.1.4.000298",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "5.1.4.000309",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for PostgreSQL",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001843",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001856",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Progress OpenEdge",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "5.1.4.000187",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "5.1.4.000189",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Salesforce",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.003020",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.003125",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for SAP HANA",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.000879",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for SAP S/4 HANA",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.1.001818",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.1.001858",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Sybase ASE",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "5.1.4.000161",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "5.1.4.000162",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Snowflake",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.1.001821",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.1.001856",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Hybrid Data Pipeline Server",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "4.6.2.3309",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.6.2.3430",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Hybrid Data Pipeline JDBC Driver",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "4.6.2.0607",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.6.2.1023",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Hybrid Data Pipeline On Premises Connector",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "4.6.2.1223",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.6.2.1339",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Hybrid Data Pipeline Docker",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "4.6.2.3316",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.6.2.3430",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect OpenAccess JDBC Driver",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "8.1.0.0177",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "8.1.0.0183",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect OpenAccess JDBC Driver",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "9.0.0.0019",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "9.0.0.0022",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Brecht Snijders of Triskele Labs"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003eImproper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion.\u003c/div\u003e\u003cbr\u003e\u003cdiv\u003eThe SpyAttribute connection option implemented by the DataDirect Connect for JDBC drivers, DataDirect Hybrid Data Pipeline JDBC driver and the DataDirect OpenAccess JDBC driver supports an undocumented syntax construct for the option value that if discovered can be used by an attacker. If an application allows an end user to specify a value for the SpyAttributes connection option then an attacker can use the undocumented syntax to cause the driver to load an arbitrary class on the class path and execute a constructor on that class. \u0026nbsp;\u003c/div\u003e\u003cbr\u003e\u003cdiv\u003eThis issue affects:\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Amazon Redshift: through 6.0.0.001392, fixed in 6.0.0.001541\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Apache Cassandra: through 6.0.0.000805, fixed in 6.0.0.000833\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Hive: through 6.0.1.001499, fixed in 6.0.1.001628\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Apache Impala: through 6.0.0.001155, fixed in 6.0.0.001279\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Apache SparkSQL: through 6.0.1.001222, fixed in 6.0.1.001344\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC Autonomous REST Connector: through 6.0.1.006961, fixed in 6.0.1.007063\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for DB2: through 6.0.0.000717, fixed in 6.0.0.000964\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Google Analytics 4: through 6.0.0.000454, fixed in 6.0.0.000525\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Google BigQuery: through 6.0.0.002279, fixed in 6.0.0.002410\u003cbr\u003eDataDirect Connect for JDBC for Greenplum: through 6.0.0.001712, fixed in 6.0.0.001727\u003cbr\u003eDataDirect Connect for JDBC for Informix: through 6.0.0.000690, fixed in 6.0.0.0851\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Microsoft Dynamics 365: through 6.0.0.003161, fixed in 6.0.0.3198\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Microsoft SQLServer: through 6.0.0.001936, fixed in 6.0.0.001957\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Microsoft Sharepoint: through 6.0.0.001559, fixed in 6.0.0.001587\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for MongoDB: through 6.1.0.001654, fixed in 6.1.0.001669\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for MySQL: through 5.1.4.000330, fixed in 5.1.4.000364\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Oracle Database: through 6.0.0.001747, fixed in 6.0.0.001776\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Oracle Eloqua: through 6.0.0.001438, fixed in 6.0.0.001458\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Oracle Sales Cloud: through 6.0.0.001225, fixed in 6.0.0.001316\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Oracle Service Cloud: through 5.1.4.000298, fixed in 5.1.4.000309\u003cbr\u003eDataDirect Connect for JDBC for PostgreSQL: through 6.0.0.001843, fixed in 6.0.0.001856\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Progress OpenEdge: through 5.1.4.000187, fixed in 5.1.4.000189\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Salesforce: through 6.0.0.003020, fixed in 6.0.0.003125\u003cbr\u003eDataDirect Connect for JDBC for SAP HANA: through 6.0.0.000879, product retired\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for SAP S/4 HANA: through 6.0.1.001818, fixed in 6.0.1.001858\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Sybase ASE: through 5.1.4.000161, fixed in 5.1.4.000162\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Snowflake: through 6.0.1.001821, fixed in 6.0.1.001856\u003c/div\u003e\u003cdiv\u003eDataDirect Hybrid Data Pipeline Server: through 4.6.2.3309, fixed in 4.6.2.3430\u003c/div\u003e\u003cdiv\u003eDataDirect Hybrid Data Pipeline JDBC Driver: through 4.6.2.0607, fixed in 4.6.2.1023\u003c/div\u003e\u003cdiv\u003eDataDirect Hybrid Data Pipeline On Premises Connector: through 4.6.2.1223, fixed in 4.6.2.1339\u003cbr\u003eDataDirect Hybrid Data Pipeline Docker: through 4.6.2.3316, fixed in 4.6.2.3430\u003c/div\u003e\u003cdiv\u003eDataDirect OpenAccess JDBC Driver: through 8.1.0.0177, fixed in 8.1.0.0183\u003c/div\u003e\u003cdiv\u003eDataDirect OpenAccess JDBC Driver: through 9.0.0.0019, fixed in 9.0.0.0022\u003c/div\u003e\u003c/div\u003e\n\n\u003cbr\u003e"
}
],
"value": "Improper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion.\n\n\nThe SpyAttribute connection option implemented by the DataDirect Connect for JDBC drivers, DataDirect Hybrid Data Pipeline JDBC driver and the DataDirect OpenAccess JDBC driver supports an undocumented syntax construct for the option value that if discovered can be used by an attacker. If an application allows an end user to specify a value for the SpyAttributes connection option then an attacker can use the undocumented syntax to cause the driver to load an arbitrary class on the class path and execute a constructor on that class. \u00a0\n\n\nThis issue affects:\n\nDataDirect Connect for JDBC for Amazon Redshift: through 6.0.0.001392, fixed in 6.0.0.001541\n\nDataDirect Connect for JDBC for Apache Cassandra: through 6.0.0.000805, fixed in 6.0.0.000833\n\nDataDirect Connect for JDBC for Hive: through 6.0.1.001499, fixed in 6.0.1.001628\n\nDataDirect Connect for JDBC for Apache Impala: through 6.0.0.001155, fixed in 6.0.0.001279\n\nDataDirect Connect for JDBC for Apache SparkSQL: through 6.0.1.001222, fixed in 6.0.1.001344\n\nDataDirect Connect for JDBC Autonomous REST Connector: through 6.0.1.006961, fixed in 6.0.1.007063\n\nDataDirect Connect for JDBC for DB2: through 6.0.0.000717, fixed in 6.0.0.000964\n\nDataDirect Connect for JDBC for Google Analytics 4: through 6.0.0.000454, fixed in 6.0.0.000525\n\nDataDirect Connect for JDBC for Google BigQuery: through 6.0.0.002279, fixed in 6.0.0.002410\nDataDirect Connect for JDBC for Greenplum: through 6.0.0.001712, fixed in 6.0.0.001727\nDataDirect Connect for JDBC for Informix: through 6.0.0.000690, fixed in 6.0.0.0851\n\n\nDataDirect Connect for JDBC for Microsoft Dynamics 365: through 6.0.0.003161, fixed in 6.0.0.3198\n\nDataDirect Connect for JDBC for Microsoft SQLServer: through 6.0.0.001936, fixed in 6.0.0.001957\n\nDataDirect Connect for JDBC for Microsoft Sharepoint: through 6.0.0.001559, fixed in 6.0.0.001587\n\nDataDirect Connect for JDBC for MongoDB: through 6.1.0.001654, fixed in 6.1.0.001669\n\nDataDirect Connect for JDBC for MySQL: through 5.1.4.000330, fixed in 5.1.4.000364\n\nDataDirect Connect for JDBC for Oracle Database: through 6.0.0.001747, fixed in 6.0.0.001776\n\nDataDirect Connect for JDBC for Oracle Eloqua: through 6.0.0.001438, fixed in 6.0.0.001458\n\nDataDirect Connect for JDBC for Oracle Sales Cloud: through 6.0.0.001225, fixed in 6.0.0.001316\n\nDataDirect Connect for JDBC for Oracle Service Cloud: through 5.1.4.000298, fixed in 5.1.4.000309\nDataDirect Connect for JDBC for PostgreSQL: through 6.0.0.001843, fixed in 6.0.0.001856\n\nDataDirect Connect for JDBC for Progress OpenEdge: through 5.1.4.000187, fixed in 5.1.4.000189\n\nDataDirect Connect for JDBC for Salesforce: through 6.0.0.003020, fixed in 6.0.0.003125\nDataDirect Connect for JDBC for SAP HANA: through 6.0.0.000879, product retired\n\nDataDirect Connect for JDBC for SAP S/4 HANA: through 6.0.1.001818, fixed in 6.0.1.001858\n\nDataDirect Connect for JDBC for Sybase ASE: through 5.1.4.000161, fixed in 5.1.4.000162\n\nDataDirect Connect for JDBC for Snowflake: through 6.0.1.001821, fixed in 6.0.1.001856\n\nDataDirect Hybrid Data Pipeline Server: through 4.6.2.3309, fixed in 4.6.2.3430\n\nDataDirect Hybrid Data Pipeline JDBC Driver: through 4.6.2.0607, fixed in 4.6.2.1023\n\nDataDirect Hybrid Data Pipeline On Premises Connector: through 4.6.2.1223, fixed in 4.6.2.1339\nDataDirect Hybrid Data Pipeline Docker: through 4.6.2.3316, fixed in 4.6.2.3430\n\nDataDirect OpenAccess JDBC Driver: through 8.1.0.0177, fixed in 8.1.0.0183\n\nDataDirect OpenAccess JDBC Driver: through 9.0.0.0019, fixed in 9.0.0.0022"
}
],
"impacts": [
{
"capecId": "CAPEC-253",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-253 Remote Code Inclusion"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T15:46:26.699Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://community.progress.com/s/article/Progress-DataDirect-Critical-Security-Product-Alert-Bulletin-November-2025"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-10702",
"datePublished": "2025-11-19T15:46:26.699Z",
"dateReserved": "2025-09-18T19:40:24.114Z",
"dateUpdated": "2025-11-20T04:55:24.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11906 (GCVE-0-2025-11906)
Vulnerability from cvelistv5 – Published: 2025-10-30 07:39 – Updated: 2025-10-31 03:55
VLAI?
Summary
A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system user account used for SSH access to potentially escalate privileges to root during service initialization.
Severity ?
6.7 (Medium)
CWE
- CWE-732 - Incorrect Permission Assignment for Critical Resource
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Flowmon |
Affected:
Flowmon 12 versions prior to 12.5.6
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11906",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-30T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T03:55:28.727Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Flowmon",
"vendor": "Progress Software",
"versions": [
{
"status": "affected",
"version": "Flowmon 12 versions prior to 12.5.6",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system user account used for SSH access to potentially escalate privileges to root during service initialization."
}
],
"value": "A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system user account used for SSH access to potentially escalate privileges to root during service initialization."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Manipulating Writeable Configuration Files"
}
]
},
{
"descriptions": [
{
"lang": "en",
"value": "Code Inclusion"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T07:39:38.530Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://community.progress.com/s/article/Progress-Flowmon-CVE-2025-11906"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Privilege escalation via writable configuration files in Progress Flowmon",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-11906",
"datePublished": "2025-10-30T07:39:38.530Z",
"dateReserved": "2025-10-17T10:50:29.793Z",
"dateUpdated": "2025-10-31T03:55:28.727Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10932 (GCVE-0-2025-10932)
Vulnerability from cvelistv5 – Published: 2025-10-29 14:12 – Updated: 2025-10-29 14:33
VLAI?
Summary
Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer (AS2 module).This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.3, from 2024.1.0 before 2024.1.7, from 2023.1.0 before 2023.1.16.
Severity ?
8.2 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress | MOVEit Transfer |
Affected:
2025.0.0 , < 2025.0.3
(semver)
Affected: 2024.1.0 , < 2024.1.7 (semver) Affected: 2023.1.0 , < 2023.1.16 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10932",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-29T14:32:20.694306Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T14:33:14.601Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AS2"
],
"product": "MOVEit Transfer",
"vendor": "Progress",
"versions": [
{
"lessThan": "2025.0.3",
"status": "affected",
"version": "2025.0.0",
"versionType": "semver"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024.1.0",
"versionType": "semver"
},
{
"lessThan": "2023.1.16",
"status": "affected",
"version": "2023.1.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer (AS2 module).\u003cp\u003eThis issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.3, from 2024.1.0 before 2024.1.7, from 2023.1.0 before 2023.1.16.\u003c/p\u003e"
}
],
"value": "Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer (AS2 module).This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.3, from 2024.1.0 before 2024.1.7, from 2023.1.0 before 2023.1.16."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T14:12:33.439Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://community.progress.com/s/article/MOVEit-Transfer-Vulnerability-CVE-2025-10932-October-29-2025"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "AS2 module allows uncontrolled file uploads",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-10932",
"datePublished": "2025-10-29T14:12:33.439Z",
"dateReserved": "2025-09-24T17:13:32.630Z",
"dateUpdated": "2025-10-29T14:33:14.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10240 (GCVE-0-2025-10240)
Vulnerability from cvelistv5 – Published: 2025-10-09 12:43 – Updated: 2025-10-10 03:55
VLAI?
Summary
A vulnerability exists in the Progress Flowmon web application prior to version 12.5.5, whereby a user who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated session.
Severity ?
8.8 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Flowmon |
Affected:
Versions prior to 12.5.5
(custom)
|
Credits
This vulnerability was discovered by Novee.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10240",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-09T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-10T03:55:21.833Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Flowmon",
"vendor": "Progress Software",
"versions": [
{
"status": "affected",
"version": "Versions prior to 12.5.5",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "This vulnerability was discovered by Novee."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability exists in the Progress Flowmon web application prior to version 12.5.5, whereby a user who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated session."
}
],
"value": "A vulnerability exists in the Progress Flowmon web application prior to version 12.5.5, whereby a user who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated session."
}
],
"impacts": [
{
"capecId": "CAPEC-588",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-588 DOM-Based XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-09T12:43:40.906Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://community.progress.com/s/article/Can-CVE-2025-10240-affect-Progress-Flowmon-appliance"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Possibility of unintended actions when a user clicks a malicious link in the Progress Flowmon web application",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-10240",
"datePublished": "2025-10-09T12:43:40.906Z",
"dateReserved": "2025-09-10T16:28:15.198Z",
"dateUpdated": "2025-10-10T03:55:21.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10239 (GCVE-0-2025-10239)
Vulnerability from cvelistv5 – Published: 2025-10-09 12:42 – Updated: 2025-10-10 03:55
VLAI?
Summary
In Flowmon versions prior to 12.5.5, a vulnerability has been identified that allows a user with administrator privileges and access to the management interface to execute additional unintended commands within scripts intended for troubleshooting purposes.
Severity ?
7.2 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Flowmon |
Affected:
Versions prior to 12.5.5
(custom)
|
Credits
This vulnerability was discovered by Kentaro Kawane.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10239",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-09T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-10T03:55:22.638Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Flowmon",
"vendor": "Progress Software",
"versions": [
{
"status": "affected",
"version": "Versions prior to 12.5.5",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "This vulnerability was discovered by Kentaro Kawane."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Flowmon versions prior to 12.5.5, a vulnerability has been identified that allows a user with administrator privileges and access to the management interface to execute additional unintended commands within scripts intended for troubleshooting purposes."
}
],
"value": "In Flowmon versions prior to 12.5.5, a vulnerability has been identified that allows a user with administrator privileges and access to the management interface to execute additional unintended commands within scripts intended for troubleshooting purposes."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-09T12:42:05.557Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://community.progress.com/s/article/CVE-2025-10239"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Unintended command execution via troubleshooting scripts in Progress Flowmon",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-10239",
"datePublished": "2025-10-09T12:42:05.557Z",
"dateReserved": "2025-09-10T16:28:09.808Z",
"dateUpdated": "2025-10-10T03:55:22.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-8868 (GCVE-0-2025-8868)
Vulnerability from cvelistv5 – Published: 2025-09-29 11:29 – Updated: 2025-09-29 12:55
VLAI?
Summary
In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via
improperly neutralized inputs used in an SQL command using a well-known token.
Severity ?
9.8 (Critical)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Chef Automate |
Affected:
0 , < 4.13.295
(Customer on-premises deployed product and hosted services)
|
Credits
This vulnerability was discovered by XBOW.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8868",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-29T12:54:55.426558Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T12:55:02.884Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/chef/automate",
"defaultStatus": "unaffected",
"modules": [
"API-Token",
"compliance-service"
],
"packageName": "compliance service",
"platforms": [
"Linux",
"x86",
"64 bit"
],
"product": "Chef Automate",
"repo": "https://github.com/chef/automate",
"vendor": "Progress Software",
"versions": [
{
"lessThan": "4.13.295",
"status": "affected",
"version": "0",
"versionType": "Customer on-premises deployed product and hosted services"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "This vulnerability was discovered by XBOW."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via \n\nimproperly neutralized inputs used in an SQL command using a well-known token.\u003c/span\u003e"
}
],
"value": "In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via \n\nimproperly neutralized inputs used in an SQL command using a well-known token."
}
],
"impacts": [
{
"capecId": "CAPEC-633",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-633 Token Impersonation"
}
]
},
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
},
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T11:29:50.463Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://docs.chef.io/release_notes_automate/#4.13.295"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Chef Automate compliance service SQL Injection Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-8868",
"datePublished": "2025-09-29T11:29:50.463Z",
"dateReserved": "2025-08-11T14:53:51.880Z",
"dateUpdated": "2025-09-29T12:55:02.884Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6724 (GCVE-0-2025-6724)
Vulnerability from cvelistv5 – Published: 2025-09-29 11:29 – Updated: 2025-09-29 13:02
VLAI?
Summary
In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in multiple services via improperly neutralized inputs used in an SQL command.
Severity ?
8.8 (High)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Chef Automate |
Affected:
0 , < 4.13.295
(Customer on-premises deployed product)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6724",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-29T13:01:53.269431Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T13:02:01.775Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/chef/automate",
"defaultStatus": "affected",
"packageName": "Chef Automate services",
"platforms": [
"Linux",
"64 bit",
"x86"
],
"product": "Chef Automate",
"repo": "https://github.com/chef/automate",
"vendor": "Progress Software",
"versions": [
{
"lessThan": "4.13.295",
"status": "affected",
"version": "0",
"versionType": "Customer on-premises deployed product"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in multiple services via improperly neutralized inputs used in an SQL command.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in multiple services via improperly neutralized inputs used in an SQL command."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T11:29:42.695Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://docs.chef.io/release_notes_automate/#4.13.295"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Chef Automate SQL Injection Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-6724",
"datePublished": "2025-09-29T11:29:42.695Z",
"dateReserved": "2025-06-26T14:25:25.968Z",
"dateUpdated": "2025-09-29T13:02:01.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-7388 (GCVE-0-2025-7388)
Vulnerability from cvelistv5 – Published: 2025-09-04 13:01 – Updated: 2025-09-05 03:55
VLAI?
Summary
It was possible to perform Remote Command Execution (RCE) via Java
RMI interface in the OpenEdge AdminServer, allowing authenticated users to inject and
execute OS commands under the delegated authority of the AdminServer process. An RMI interface permitted manipulation of a configuration
property with inadequate input validation leading to OS command injection.
Severity ?
8.4 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software Corporation | OpenEdge |
Affected:
OpenEdge 12.2.0 , < 12.2.18
(custom)
Affected: OpenEdge 12.8.0 , < 12.8.8 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7388",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-04T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T03:55:48.601Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"OpenEdge AdminServer"
],
"platforms": [
"Windows",
"Linux",
"64 bit",
"32 bit"
],
"product": "OpenEdge",
"vendor": "Progress Software Corporation",
"versions": [
{
"lessThan": "12.2.18",
"status": "affected",
"version": "OpenEdge 12.2.0",
"versionType": "custom"
},
{
"lessThan": "12.8.8",
"status": "affected",
"version": "OpenEdge 12.8.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIt was possible to perform \u003cb\u003eRemote Command Execution (RCE)\u003c/b\u003e via Java\nRMI interface in the OpenEdge AdminServer, allowing authenticated users to inject and\nexecute OS commands under the delegated authority of the AdminServer process.\u0026nbsp; An RMI interface permitted manipulation of a configuration\nproperty with inadequate input validation leading to OS command injection.\u003c/p\u003e"
}
],
"value": "It was possible to perform Remote Command Execution (RCE) via Java\nRMI interface in the OpenEdge AdminServer, allowing authenticated users to inject and\nexecute OS commands under the delegated authority of the AdminServer process.\u00a0 An RMI interface permitted manipulation of a configuration\nproperty with inadequate input validation leading to OS command injection."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T13:01:13.624Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://community.progress.com/s/article/Important-RCE-Security-Update-for-OpenEdge-AdminServer"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Authenticated Command Injection via configuration parameter manipulation in exposed RMI interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-7388",
"datePublished": "2025-09-04T13:01:13.624Z",
"dateReserved": "2025-07-09T13:01:14.744Z",
"dateUpdated": "2025-09-05T03:55:48.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6505 (GCVE-0-2025-6505)
Vulnerability from cvelistv5 – Published: 2025-07-29 12:56 – Updated: 2025-07-29 13:25
VLAI?
Summary
Unauthorized access and impersonation can occur in versions 4.6.2.3226 and below of Progress Software's Hybrid Data Pipeline Server on Linux. This vulnerability allows attackers to combine credentials from different sources, potentially leading to client impersonation and unauthorized access.
When OAuth Clients perform an OAuth handshake with the Hybrid Data Pipeline Server, the server accepts client credentials from both HTTP headers and request parameters.
Severity ?
8.1 (High)
CWE
- Unauthorized Access and Impersonation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Hybrid Data Pipeline |
Affected:
0 , ≤ 4.6.2.3226
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6505",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-29T13:25:08.766953Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-29T13:25:19.719Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"OAuth"
],
"packageName": "Server",
"platforms": [
"Linux"
],
"product": "Hybrid Data Pipeline",
"vendor": "Progress Software",
"versions": [
{
"lessThanOrEqual": "4.6.2.3226",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnauthorized access and impersonation can occur in versions\u0026nbsp;4.6.2.3226\u0026nbsp;and below of Progress Software\u0027s Hybrid Data Pipeline Server on Linux. This vulnerability allows attackers to combine credentials from different sources, potentially leading to client impersonation and unauthorized access.\u003c/span\u003e\n\u0026nbsp;When OAuth Clients perform an OAuth handshake with the Hybrid Data Pipeline Server, the server accepts client credentials from both HTTP headers and request parameters."
}
],
"value": "Unauthorized access and impersonation can occur in versions\u00a04.6.2.3226\u00a0and below of Progress Software\u0027s Hybrid Data Pipeline Server on Linux. This vulnerability allows attackers to combine credentials from different sources, potentially leading to client impersonation and unauthorized access.\n\u00a0When OAuth Clients perform an OAuth handshake with the Hybrid Data Pipeline Server, the server accepts client credentials from both HTTP headers and request parameters."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "mix credentials from different sources, potentially impersonating clients and gaining unauthorized access."
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unauthorized Access and Impersonation",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-29T12:56:57.219Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://community.progress.com/s/article/DataDirect-Hybrid-Data-Pipeline-Critical-Security-Product-Alert-Bulletin-July-2025---CVE-2025-6505"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to\u0026nbsp;Hybrid Data Pipeline\u0026nbsp;version 4.6.2.3275 or later."
}
],
"value": "Upgrade to\u00a0Hybrid Data Pipeline\u00a0version 4.6.2.3275 or later."
}
],
"source": {
"defect": [
"HDP-12382"
],
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-6505",
"datePublished": "2025-07-29T12:56:57.219Z",
"dateReserved": "2025-06-23T02:43:50.777Z",
"dateUpdated": "2025-07-29T13:25:19.719Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6504 (GCVE-0-2025-6504)
Vulnerability from cvelistv5 – Published: 2025-07-29 12:56 – Updated: 2025-07-29 13:27
VLAI?
Summary
In HDP Server versions below 4.6.2.2978 on Linux, unauthorized access could occur via IP spoofing using the X-Forwarded-For header.
Since XFF is a client-controlled header, it could be spoofed, allowing unauthorized access if the spoofed IP matched a whitelisted range.
This vulnerability could be exploited to bypass IP restrictions, though valid user credentials would still be required for resource access.
Severity ?
8.4 (High)
CWE
- Unauthorized Access to Sensitive resources
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Hybrid Data Pipeline |
Affected:
0 , < 4.6.2.2978
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6504",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-29T13:26:59.758939Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345 Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-29T13:27:02.851Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"IP White Listing"
],
"packageName": "HDP Server",
"platforms": [
"Linux"
],
"product": "Hybrid Data Pipeline",
"vendor": "Progress Software",
"versions": [
{
"lessThan": "4.6.2.2978",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn HDP Server versions below 4.6.2.2978 on Linux, unauthorized access could occur via IP spoofing using the X-Forwarded-For header.\u0026nbsp;\n\nSince XFF is a client-controlled header, it could be spoofed, allowing unauthorized access if the spoofed IP matched a whitelisted range.\n\n\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability could be exploited to bypass IP restrictions, though valid user credentials would still be required for resource access.\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "In HDP Server versions below 4.6.2.2978 on Linux, unauthorized access could occur via IP spoofing using the X-Forwarded-For header.\u00a0\n\nSince XFF is a client-controlled header, it could be spoofed, allowing unauthorized access if the spoofed IP matched a whitelisted range.\n\n\nThis vulnerability could be exploited to bypass IP restrictions, though valid user credentials would still be required for resource access."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Attackers may bypass IP whitelisting to access restricted resources or UI interface."
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unauthorized Access to Sensitive resources",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-29T12:56:28.054Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://community.progress.com/s/article/DataDirect-Hybrid-Data-Pipeline-Critical-Security-Product-Alert-Bulletin-July-2025---CVE-2025-6504"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate the HDP Server to version 4.6.2.2978 or later.\u003c/span\u003e"
}
],
"value": "Update the HDP Server to version 4.6.2.2978 or later."
}
],
"source": {
"defect": [
"HDP-10769"
],
"discovery": "INTERNAL"
},
"title": "Possibilities of IP Spoofing via X-Forwarded-For (XFF) Header",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-6504",
"datePublished": "2025-07-29T12:56:28.054Z",
"dateReserved": "2025-06-23T02:43:49.210Z",
"dateUpdated": "2025-07-29T13:27:02.851Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6725 (GCVE-0-2025-6725)
Vulnerability from cvelistv5 – Published: 2025-07-02 14:39 – Updated: 2025-07-02 14:54
VLAI?
Summary
In the PdfViewer component, a Cross-Site Scripting (XSS) vulnerability is possible if a specially-crafted document has already been loaded and the user engages with a tool that requires the DOM to be re-rendered.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Progress Software | Kendo UI for jQuery |
Affected:
2024.4.1112 , ≤ 2025.2.520
(custom)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6725",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-02T14:53:43.290872Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-02T14:54:14.971Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kendo UI for jQuery",
"vendor": "Progress Software",
"versions": [
{
"lessThanOrEqual": "2025.2.520",
"status": "affected",
"version": "2024.4.1112",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Kendo UI for Angular",
"vendor": "Progress Software",
"versions": [
{
"lessThanOrEqual": "19.1.2",
"status": "affected",
"version": "18.5.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "KendoReact",
"vendor": "Progress Software",
"versions": [
{
"lessThanOrEqual": "11.1.0",
"status": "affected",
"version": "5.10.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telerik UI for ASP.NET MVC",
"vendor": "Progress Software",
"versions": [
{
"lessThanOrEqual": "2025.2.520",
"status": "affected",
"version": "2024.4.1112",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telerik UI for ASP.NET Core",
"vendor": "Progress Software",
"versions": [
{
"lessThanOrEqual": "2025.2.520",
"status": "affected",
"version": "2024.4.1112",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telerik UI for Blazor",
"vendor": "Progress Software",
"versions": [
{
"lessThanOrEqual": "9.0.0",
"status": "affected",
"version": "3.6.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn the PdfViewer component, a Cross-Site Scripting (XSS) vulnerability is possible if a specially-crafted document has already been loaded and the user engages with a tool that requires the DOM to be re-rendered.\u003c/p\u003e"
}
],
"value": "In the PdfViewer component, a Cross-Site Scripting (XSS) vulnerability is possible if a specially-crafted document has already been loaded and the user engages with a tool that requires the DOM to be re-rendered."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-02T14:39:15.442Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://www.telerik.com/blazor-ui/documentation/knowledge-base/pdfviewer-xss-vulnerability-cve-2025-6725"
},
{
"url": "https://www.telerik.com/aspnet-core-ui/documentation/knowledge-base/kb-security-pdfviewer-xss-cve-2025-6725"
},
{
"url": "https://www.telerik.com/aspnet-mvc/documentation/knowledge-base/kb-security-pdfviewer-xss-cve-2025-6725"
},
{
"url": "https://www.telerik.com/kendo-jquery-ui/documentation/knowledge-base/kb-security-pdfviewer-xss-cve-2025-6725"
},
{
"url": "https://www.telerik.com/kendo-angular-ui/components/knowledge-base/kb-security-pdfviewer-xss-cve-2025-6725"
},
{
"url": "https://www.telerik.com/kendo-react-ui/components/knowledge-base/kb-security-pdfviewer-xss-cve-2025-6725"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Cross-Site Scripting (XSS) in PdfViewer",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-6725",
"datePublished": "2025-07-02T14:39:15.442Z",
"dateReserved": "2025-06-26T14:27:40.423Z",
"dateUpdated": "2025-07-02T14:54:14.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-3600 (GCVE-0-2025-3600)
Vulnerability from cvelistv5 – Published: 2025-05-14 13:21 – Updated: 2025-08-27 14:54
VLAI?
Summary
In Progress® Telerik® UI for AJAX, versions 2011.2.712 to 2025.1.218, an unsafe reflection vulnerability exists that may lead to an unhandled exception resulting in a crash of the hosting process and denial of service.
Severity ?
7.5 (High)
CWE
- Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Telerik UI for ASP.NET AJAX |
Affected:
2011.2.712 , < 2025.1.416
(custom)
|
Credits
Piotr Bazydlo (@chudyPB) of watchTowr
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3600",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-14T14:08:08.563614Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-470",
"description": "CWE-470 Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T14:54:22.319Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Telerik UI for ASP.NET AJAX",
"vendor": "Progress Software",
"versions": [
{
"lessThan": "2025.1.416",
"status": "affected",
"version": "2011.2.712",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Piotr Bazydlo (@chudyPB) of watchTowr"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Progress\u00ae Telerik\u00ae UI for AJAX, versions 2011.2.712 to 2025.1.218, an unsafe reflection vulnerability exists that may lead to an unhandled exception resulting in a crash of the hosting process and denial of service."
}
],
"value": "In Progress\u00ae Telerik\u00ae UI for AJAX, versions 2011.2.712 to 2025.1.218, an unsafe reflection vulnerability exists that may lead to an unhandled exception resulting in a crash of the hosting process and denial of service."
}
],
"impacts": [
{
"capecId": "CAPEC-138",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-138: Reflection Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-14T13:21:40.770Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.telerik.com/products/aspnet-ajax/documentation/knowledge-base/kb-security-unsafe-reflection-cve-2025-3600"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Unsafe Reflection Vulnerability in Telerik UI for ASP.NET AJAX",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-3600",
"datePublished": "2025-05-14T13:21:40.770Z",
"dateReserved": "2025-04-14T16:13:13.173Z",
"dateUpdated": "2025-08-27T14:54:22.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2572 (GCVE-0-2025-2572)
Vulnerability from cvelistv5 – Published: 2025-04-14 16:06 – Updated: 2025-04-14 18:07
VLAI?
Summary
In WhatsUp Gold versions released before 2024.0.3, a
database manipulation
vulnerability allows an unauthenticated attacker to modify the contents of WhatsUp.dbo.WrlsMacAddressGroup.
Severity ?
5.6 (Medium)
CWE
- CWE-287 - Improper Authentication
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software Corporation | WhatsUp Gold |
Affected:
2024.0.1 , ≤ 2024.0.2
(semver)
|
Credits
Jimi from Tenable
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2572",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-14T17:20:36.637462Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-14T18:07:07.373Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"API Endpoint"
],
"platforms": [
"Windows"
],
"product": "WhatsUp Gold",
"vendor": "Progress Software Corporation",
"versions": [
{
"lessThanOrEqual": "2024.0.2",
"status": "affected",
"version": "2024.0.1",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jimi from Tenable"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In WhatsUp Gold versions released before 2024.0.3, a \n\n\u003cspan style=\"background-color: rgba(161, 189, 217, 0.08);\"\u003edatabase manipulation \u003c/span\u003e\n\nvulnerability allows an unauthenticated attacker to modify the contents of\u0026nbsp;\u003cspan style=\"background-color: rgba(161, 189, 217, 0.08);\"\u003eWhatsUp.dbo.WrlsMacAddressGroup.\u003cbr\u003e\u003c/span\u003e"
}
],
"value": "In WhatsUp Gold versions released before 2024.0.3, a \n\ndatabase manipulation \n\nvulnerability allows an unauthenticated attacker to modify the contents of\u00a0WhatsUp.dbo.WrlsMacAddressGroup."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-14T16:06:45.424Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://www.progress.com/network-monitoring"
},
{
"url": "https://docs.progress.com/bundle/whatsupgold-release-notes-24-0/page/WhatsUp-Gold-2024.0-Release-Notes.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "WhatsUp Gold NmConfigurationManager.exe database manipulation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-2572",
"datePublished": "2025-04-14T16:06:45.424Z",
"dateReserved": "2025-03-20T20:17:34.692Z",
"dateUpdated": "2025-04-14T18:07:07.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1968 (GCVE-0-2025-1968)
Vulnerability from cvelistv5 – Published: 2025-04-09 13:33 – Updated: 2025-05-02 15:35
VLAI?
Summary
Insufficient Session Expiration vulnerability in Progress Software Corporation Sitefinity under some specific and uncommon circumstances allows reusing Session IDs (Session Replay Attacks).This issue affects Sitefinity: from 14.0 through 14.3, from 14.4 before 14.4.8145, from 15.0 before 15.0.8231, from 15.1 before 15.1.8332, from 15.2 before 15.2.8429.
Severity ?
7.7 (High)
CWE
- CWE-613 - Insufficient Session Expiration
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software Corporation | Sitefinity |
Affected:
14.0 , ≤ 14.3
(custom)
Affected: 14.4 , < 14.4.8145 (custom) Affected: 15.0 , < 15.0.8231 (custom) Affected: 15.1 , < 15.1.8332 (custom) Affected: 15.2 , < 15.2.8429 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1968",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-10T03:55:30.253793Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-02T15:35:28.201Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Sitefinity",
"vendor": "Progress Software Corporation",
"versions": [
{
"lessThanOrEqual": "14.3",
"status": "affected",
"version": "14.0",
"versionType": "custom"
},
{
"lessThan": "14.4.8145",
"status": "affected",
"version": "14.4",
"versionType": "custom"
},
{
"lessThan": "15.0.8231",
"status": "affected",
"version": "15.0",
"versionType": "custom"
},
{
"lessThan": "15.1.8332",
"status": "affected",
"version": "15.1",
"versionType": "custom"
},
{
"lessThan": "15.2.8429",
"status": "affected",
"version": "15.2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insufficient Session Expiration vulnerability in Progress Software Corporation Sitefinity under some specific and uncommon circumstances allows reusing Session IDs (Session Replay Attacks).\u003cp\u003eThis issue affects Sitefinity: from 14.0 through 14.3, from 14.4 before 14.4.8145, from 15.0 before 15.0.8231, from 15.1 before 15.1.8332, from 15.2 before 15.2.8429.\u003c/p\u003e"
}
],
"value": "Insufficient Session Expiration vulnerability in Progress Software Corporation Sitefinity under some specific and uncommon circumstances allows reusing Session IDs (Session Replay Attacks).This issue affects Sitefinity: from 14.0 through 14.3, from 14.4 before 14.4.8145, from 15.0 before 15.0.8231, from 15.1 before 15.1.8332, from 15.2 before 15.2.8429."
}
],
"impacts": [
{
"capecId": "CAPEC-60",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-60: Reusing Session IDs (Session Replay Attacks)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613: Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T13:33:31.450Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://community.progress.com/s/article/Sitefinity-Security-Advisory-for-Addressing-Security-Vulnerability-CVE-2025-1968-April-2025"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-1968",
"datePublished": "2025-04-09T13:33:31.450Z",
"dateReserved": "2025-03-04T17:18:25.818Z",
"dateUpdated": "2025-05-02T15:35:28.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1758 (GCVE-0-2025-1758)
Vulnerability from cvelistv5 – Published: 2025-03-19 15:28 – Updated: 2025-03-19 17:32
VLAI?
Summary
Improper Input Validation vulnerability in Progress LoadMaster allows : Buffer OverflowThis issue affects:
* LoadMaster: 7.2.40.0 and above
* ECS: All versions
* Multi-Tenancy: 7.1.35.4 and above
Severity ?
4.3 (Medium)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress | LoadMaster |
Affected:
7.2.40.0 , < 7.2.61.1
(LoadMaster)
Affected: 7.1.54.4 , < 7.1.35.14 (Multi Tenancy) |
Credits
Nicholas Zubrisky (@NZubrisky) of Trend Micro Security Research
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1758",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-19T17:32:46.165734Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T17:32:53.423Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "LoadMaster",
"vendor": "Progress",
"versions": [
{
"lessThan": "7.2.61.1",
"status": "affected",
"version": "7.2.40.0",
"versionType": "LoadMaster"
},
{
"lessThan": "7.1.35.14",
"status": "affected",
"version": "7.1.54.4",
"versionType": "Multi Tenancy"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nicholas Zubrisky (@NZubrisky) of Trend Micro Security Research"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Input Validation vulnerability in Progress LoadMaster allows : Buffer Overflow\u003cp\u003eThis issue affects:\u003c/p\u003e\u003cp\u003e* LoadMaster: 7.2.40.0 and above\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e* ECS: All versions\u003c/span\u003e\u003c/p\u003e\u003cp\u003e* Multi-Tenancy: 7.1.35.4 and above\u003cbr\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "Improper Input Validation vulnerability in Progress LoadMaster allows : Buffer OverflowThis issue affects:\n\n* LoadMaster: 7.2.40.0 and above\n\n* ECS: All versions\n\n* Multi-Tenancy: 7.1.35.4 and above"
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T15:28:09.883Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://docs.progress.com/bundle/release-notes_loadmaster-7-2-61-1/page/Security-Updates.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-1758",
"datePublished": "2025-03-19T15:28:09.883Z",
"dateReserved": "2025-02-27T16:09:05.410Z",
"dateUpdated": "2025-03-19T17:32:53.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2324 (GCVE-0-2025-2324)
Vulnerability from cvelistv5 – Published: 2025-03-19 15:23 – Updated: 2025-03-19 20:17
VLAI?
Summary
Improper Privilege Management vulnerability for users configured as Shared Accounts in Progress MOVEit Transfer (SFTP module) allows Privilege Escalation.This issue affects MOVEit Transfer: from 2023.1.0 before 2023.1.12, from 2024.0.0 before 2024.0.8, from 2024.1.0 before 2024.1.2.
Severity ?
5.9 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress | MOVEit Transfer |
Affected:
2023.1.0 , < 2023.1.12
(custom)
Affected: 2024.0.0 , < 2024.0.8 (custom) Affected: 2024.1.0 , < 2024.1.2 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2324",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-19T20:16:53.538862Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T20:17:04.235Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"SFTP"
],
"product": "MOVEit Transfer",
"vendor": "Progress",
"versions": [
{
"lessThan": "2023.1.12",
"status": "affected",
"version": "2023.1.0",
"versionType": "custom"
},
{
"lessThan": "2024.0.8",
"status": "affected",
"version": "2024.0.0",
"versionType": "custom"
},
{
"lessThan": "2024.1.2",
"status": "affected",
"version": "2024.1.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Privilege Management vulnerability for users configured as Shared Accounts in Progress MOVEit Transfer (SFTP module) allows Privilege Escalation.\u003cp\u003eThis issue affects MOVEit Transfer: from 2023.1.0 before 2023.1.12, from 2024.0.0 before 2024.0.8, from 2024.1.0 before 2024.1.2.\u003c/p\u003e"
}
],
"value": "Improper Privilege Management vulnerability for users configured as Shared Accounts in Progress MOVEit Transfer (SFTP module) allows Privilege Escalation.This issue affects MOVEit Transfer: from 2023.1.0 before 2023.1.12, from 2024.0.0 before 2024.0.8, from 2024.1.0 before 2024.1.2."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T15:23:03.486Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://community.progress.com/s/article/MOVEit-Transfer-Vulnerability-CVE-2025-2324-March-18-2025"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "A MOVEit Transfer user configured as a Shared Account can gain unintended List permissions on a folder",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-2324",
"datePublished": "2025-03-19T15:23:03.486Z",
"dateReserved": "2025-03-14T17:30:06.106Z",
"dateUpdated": "2025-03-19T20:17:04.235Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6097 (GCVE-0-2024-6097)
Vulnerability from cvelistv5 – Published: 2025-02-12 17:37 – Updated: 2025-02-12 18:54
VLAI?
Summary
In Progress® Telerik® Reporting versions prior to 2025 Q1 (19.0.25.211), information disclosure is possible by a local threat actor through an absolute path vulnerability.
Severity ?
5.3 (Medium)
CWE
- CWE-36 - Absolute Path Traversal
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software Corporation | Progress® Telerik® Reporting |
Affected:
1.0.0 , < 2025 Q1 (19.0.25.211)
(semver)
|
Credits
Markus Wulftange with CODE WHITE GmbH
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6097",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T18:54:21.865947Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T18:54:37.572Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Progress\u00ae Telerik\u00ae Reporting",
"vendor": "Progress Software Corporation",
"versions": [
{
"lessThan": "2025 Q1 (19.0.25.211)",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Markus Wulftange with CODE WHITE GmbH"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Progress\u00ae Telerik\u00ae Reporting versions prior to 2025 Q1 (19.0.25.211), information disclosure is possible by a local threat actor through an absolute path vulnerability."
}
],
"value": "In Progress\u00ae Telerik\u00ae Reporting versions prior to 2025 Q1 (19.0.25.211), information disclosure is possible by a local threat actor through an absolute path vulnerability."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-36",
"description": "CWE-36: Absolute Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T17:37:10.917Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://docs.telerik.com/reporting/knowledge-base/kb-security-absolute-path-traversal-CVE-2024-6097"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Absolute Path Traversal Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2024-6097",
"datePublished": "2025-02-12T17:37:10.917Z",
"dateReserved": "2024-06-17T19:17:59.464Z",
"dateUpdated": "2025-02-12T18:54:37.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-11629 (GCVE-0-2024-11629)
Vulnerability from cvelistv5 – Published: 2025-02-12 16:21 – Updated: 2025-02-12 19:05
VLAI?
Summary
In Progress® Telerik® Document Processing Libraries, versions prior to 2025 Q1 (2025.1.205), using .NET Standard 2.0, the contents of a file at an arbitrary path can be exported to RTF.
Severity ?
7.1 (High)
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Progress® Telerik® Document Processing Libraries |
Affected:
1.0.0 , < 2025.1.205
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11629",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T19:05:24.855939Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T19:05:31.058Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
".NET Standard 2.0"
],
"product": "Progress\u00ae Telerik\u00ae Document Processing Libraries",
"vendor": "Progress Software",
"versions": [
{
"lessThan": "2025.1.205",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Progress\u00ae Telerik\u00ae Document Processing Libraries, versions prior to 2025 Q1 (2025.1.205), using .NET Standard 2.0, the contents of a file at an arbitrary path can be exported to RTF."
}
],
"value": "In Progress\u00ae Telerik\u00ae Document Processing Libraries, versions prior to 2025 Q1 (2025.1.205), using .NET Standard 2.0, the contents of a file at an arbitrary path can be exported to RTF."
}
],
"impacts": [
{
"capecId": "CAPEC-410",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-410 Information Elicitation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T16:21:52.058Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://docs.telerik.com/devtools/document-processing/knowledge-base/kb-security-rtf-filecontent-export-cve-2024-11629"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Telerik Document Processing RTF Export of Arbitrary File Path",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2024-11629",
"datePublished": "2025-02-12T16:21:52.058Z",
"dateReserved": "2024-11-22T16:53:25.203Z",
"dateUpdated": "2025-02-12T19:05:31.058Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-11628 (GCVE-0-2024-11628)
Vulnerability from cvelistv5 – Published: 2025-02-12 16:17 – Updated: 2025-02-12 19:06
VLAI?
Summary
In Progress® Telerik® Kendo UI for Vue versions v2.4.0 through v6.0.1, an attacker can introduce or modify properties within the global prototype chain which can result in denial of service or command injection.
Severity ?
4.1 (Medium)
CWE
- CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Progress® Telerik® Kendo UI for Vue |
Affected:
2.4.0 , < 6.1.0
(custom)
|
Credits
Tariq Hawis
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11628",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T19:06:14.995889Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T19:06:31.802Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://registry.npmjs.org",
"defaultStatus": "unaffected",
"packageName": "@progress//kendo-vue-common",
"product": "Progress\u00ae Telerik\u00ae Kendo UI for Vue",
"vendor": "Progress Software",
"versions": [
{
"lessThan": "6.1.0",
"status": "affected",
"version": "2.4.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tariq Hawis"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eIn Progress\u00ae Telerik\u00ae Kendo UI for Vue versions v2.4.0 through v6.0.1, an attacker can introduce or modify properties within the global prototype chain which can result in denial of service or command injection.\u003c/div\u003e"
}
],
"value": "In Progress\u00ae Telerik\u00ae Kendo UI for Vue versions v2.4.0 through v6.0.1, an attacker can introduce or modify properties within the global prototype chain which can result in denial of service or command injection."
}
],
"impacts": [
{
"capecId": "CAPEC-469",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-469 HTTP DoS"
}
]
},
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1321",
"description": "CWE-1321 Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T16:17:38.869Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.telerik.com/kendo-vue-ui/components/knowledge-base/kb-security-protoype-pollution-2024-11628"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Prototype Pollution in Progress\u00ae Telerik\u00ae Kendo UI for Vue",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2024-11628",
"datePublished": "2025-02-12T16:17:38.869Z",
"dateReserved": "2024-11-22T16:53:24.915Z",
"dateUpdated": "2025-02-12T19:06:31.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-11343 (GCVE-0-2024-11343)
Vulnerability from cvelistv5 – Published: 2025-02-12 15:46 – Updated: 2025-02-12 19:09
VLAI?
Summary
In Progress® Telerik® Document Processing Libraries, versions prior to 2025 Q1 (2025.1.205), unzipping an archive can lead to arbitrary file system access.
Severity ?
8.3 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Telerik Document Processing Libraries |
Affected:
1.0.0 , < 2025.1.205
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11343",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T19:09:36.935536Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T19:09:39.955Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Telerik Document Processing Libraries",
"vendor": "Progress Software",
"versions": [
{
"lessThan": "2025.1.205",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Progress\u00ae Telerik\u00ae Document Processing Libraries, versions prior to 2025 Q1 (2025.1.205), unzipping an archive can lead to arbitrary file system access."
}
],
"value": "In Progress\u00ae Telerik\u00ae Document Processing Libraries, versions prior to 2025 Q1 (2025.1.205), unzipping an archive can lead to arbitrary file system access."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T15:46:49.360Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://docs.telerik.com/devtools/document-processing/knowledge-base/kb-security-path-traversal-cve-2024-11343"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Telerik Document Processing Path Traversal",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2024-11343",
"datePublished": "2025-02-12T15:46:49.360Z",
"dateReserved": "2024-11-18T16:04:23.380Z",
"dateUpdated": "2025-02-12T19:09:39.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-12629 (GCVE-0-2024-12629)
Vulnerability from cvelistv5 – Published: 2025-02-12 15:37 – Updated: 2025-02-12 15:55
VLAI?
Summary
In Progress® Telerik® KendoReact versions v3.5.0 through v9.4.0, an attacker can introduce or modify properties within the global prototype chain which can result in denial of service or command injection.
Severity ?
4.1 (Medium)
CWE
- CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Telerik KendoReact |
Affected:
3.5.0 , < 9.4.0
(custom)
|
Credits
Tariq Hawis
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12629",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T15:55:34.189106Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T15:55:43.633Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://registry.npmjs.org",
"defaultStatus": "unaffected",
"packageName": "@progress/kendo-react-common",
"product": "Telerik KendoReact",
"vendor": "Progress Software",
"versions": [
{
"lessThan": "9.4.0",
"status": "affected",
"version": "3.5.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tariq Hawis"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eIn Progress\u00ae Telerik\u00ae KendoReact versions v3.5.0 through v9.4.0, an attacker can introduce or modify properties within the global prototype chain which can result in denial of service or command injection.\u003c/div\u003e"
}
],
"value": "In Progress\u00ae Telerik\u00ae KendoReact versions v3.5.0 through v9.4.0, an attacker can introduce or modify properties within the global prototype chain which can result in denial of service or command injection."
}
],
"impacts": [
{
"capecId": "CAPEC-469",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-469 HTTP DoS"
}
]
},
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1321",
"description": "CWE-1321 Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T15:37:51.840Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.telerik.com/kendo-react-ui/components/knowledge-base/kb-security-protoype-pollution-2024-12629"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Prototype Pollution in Progress\u00ae Telerik\u00ae KendoReact",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2024-12629",
"datePublished": "2025-02-12T15:37:51.840Z",
"dateReserved": "2024-12-13T18:49:19.322Z",
"dateUpdated": "2025-02-12T15:55:43.633Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0332 (GCVE-0-2025-0332)
Vulnerability from cvelistv5 – Published: 2025-02-12 15:15 – Updated: 2025-02-12 15:31
VLAI?
Summary
In Progress® Telerik® UI for WinForms, versions prior to 2025 Q1 (2025.1.211), using the improper limitation of a target path can lead to decompressing an archive's content into a restricted directory.
Severity ?
7.8 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Progress® Telerik® UI for WinForms |
Affected:
1.0.0 , < 2025 Q1 (2025.1.211)
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0332",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T15:31:15.147756Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T15:31:36.602Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"Windows"
],
"product": "Progress\u00ae Telerik\u00ae UI for WinForms",
"vendor": "Progress Software",
"versions": [
{
"lessThan": "2025 Q1 (2025.1.211)",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Progress\u00ae Telerik\u00ae UI for WinForms, versions prior to 2025 Q1 (2025.1.211), using the improper limitation of a target path can lead to decompressing an archive\u0027s content into a restricted directory."
}
],
"value": "In Progress\u00ae Telerik\u00ae UI for WinForms, versions prior to 2025 Q1 (2025.1.211), using the improper limitation of a target path can lead to decompressing an archive\u0027s content into a restricted directory."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T15:15:31.166Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://docs.telerik.com/devtools/winforms/knowledge-base/kb-security-path-traversal-cve-2025-0332"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Progress UI for WinForms decompression path traversal vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-0332",
"datePublished": "2025-02-12T15:15:31.166Z",
"dateReserved": "2025-01-08T17:10:32.725Z",
"dateUpdated": "2025-02-12T15:31:36.602Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0556 (GCVE-0-2025-0556)
Vulnerability from cvelistv5 – Published: 2025-02-12 15:11 – Updated: 2025-02-12 15:33
VLAI?
Summary
In Progress® Telerik® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local network traffic sniffing.
Severity ?
8.8 (High)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Telerik Report Server |
Affected:
1.0.0 , < 2025 Q1 (11.0.25.211)
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0556",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T15:33:21.152666Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T15:33:35.788Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
".NET Framework Implementation"
],
"platforms": [
"Windows"
],
"product": "Telerik Report Server",
"vendor": "Progress Software",
"versions": [
{
"lessThan": "2025 Q1 (11.0.25.211)",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn Progress\u00ae Telerik\u00ae Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local network traffic sniffing.\u003c/p\u003e"
}
],
"value": "In Progress\u00ae Telerik\u00ae Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local network traffic sniffing."
}
],
"impacts": [
{
"capecId": "CAPEC-158",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-158 Sniffing Network Traffic"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319: Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T15:11:03.067Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://docs.telerik.com/report-server/knowledge-base/kb-security-cleartext-transmission-cve-2025-0556"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Telerik Report Server Clear Text Transmission of Agent Commands",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-0556",
"datePublished": "2025-02-12T15:11:03.067Z",
"dateReserved": "2025-01-17T19:39:39.461Z",
"dateUpdated": "2025-02-12T15:33:35.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-12251 (GCVE-0-2024-12251)
Vulnerability from cvelistv5 – Published: 2025-02-12 15:09 – Updated: 2025-02-12 18:46
VLAI?
Summary
In Progress® Telerik® UI for WinUI versions prior to 2025 Q1 (3.0.0), a command injection attack is possible through improper neutralization of hyperlink elements.
Severity ?
7.8 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Telerik UI for WinUI |
Affected:
2.0.0 , < 3.0.0
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12251",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T18:46:13.723382Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T18:46:25.984Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Telerik UI for WinUI",
"vendor": "Progress Software",
"versions": [
{
"lessThan": "3.0.0",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Progress\u00ae Telerik\u00ae UI for WinUI versions prior to 2025 Q1 (3.0.0), a command injection attack is possible through improper neutralization of hyperlink elements."
}
],
"value": "In Progress\u00ae Telerik\u00ae UI for WinUI versions prior to 2025 Q1 (3.0.0), a command injection attack is possible through improper neutralization of hyperlink elements."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T15:09:46.306Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://docs.telerik.com/devtools/winui/security/kb-security-command-injection-cve-2024-12251"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper neutralization special element in hyperlinks",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2024-12251",
"datePublished": "2025-02-12T15:09:46.306Z",
"dateReserved": "2024-12-05T16:11:50.302Z",
"dateUpdated": "2025-02-12T18:46:25.984Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-56135 (GCVE-0-2024-56135)
Vulnerability from cvelistv5 – Published: 2025-02-05 18:02 – Updated: 2025-02-12 19:41
VLAI?
Summary
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.
This issue affects:
Product
Affected Versions
LoadMaster
From 7.2.55.0 to 7.2.60.1 (inclusive)
From 7.2.49.0 to 7.2.54.12 (inclusive)
7.2.48.12 and all prior versions
ECS
All prior versions to 7.2.60.1 (inclusive)
Severity ?
8.4 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress | LoadMaster |
Affected:
7.2.37.0 , < 7.2.61.0
(LoadMaster)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-56135",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T18:36:46.815884Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T19:41:05.958Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "LoadMaster",
"vendor": "Progress",
"versions": [
{
"lessThan": "7.2.61.0",
"status": "affected",
"version": "7.2.37.0",
"versionType": "LoadMaster"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\n\nImproper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.\u003c/p\u003e\u003cp\u003eThis issue affects:\u003c/p\u003e\n\n\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u202fProduct \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eAffected Versions \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eLoadMaster \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eFrom 7.2.55.0 to 7.2.60.1 (inclusive) \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u202f\u0026nbsp;\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eFrom 7.2.49.0 to 7.2.54.12 (inclusive) \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u202f\u0026nbsp;\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e7.2.48.12 and all prior versions \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\n\n\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eECS\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eAll prior versions to 7.2.60.1 (inclusive)\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\n\n\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.\n\nThis issue affects:\n\n\n\n\u202fProduct \n\n\n\n\n\nAffected Versions \n\n\n\n\n\nLoadMaster \n\n\n\n\n\nFrom 7.2.55.0 to 7.2.60.1 (inclusive) \n\n\n\n\n\n\u202f\u00a0\n\n\n\n\n\nFrom 7.2.49.0 to 7.2.54.12 (inclusive) \n\n\n\n\n\n\u202f\u00a0\n\n\n\n\n\n7.2.48.12 and all prior versions \n\n\n\n\n\n\n\n\nECS\n\n\n\n\n\nAll prior versions to 7.2.60.1 (inclusive)"
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88: OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T18:02:29.175Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://community.progress.com/s/article/LoadMaster-Security-Vulnerability-CVE-2024-56131-CVE-2024-56132-CVE-2024-56133-CVE-2024-56134-CVE-2024-56135"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2024-56135",
"datePublished": "2025-02-05T18:02:29.175Z",
"dateReserved": "2024-12-16T16:25:36.029Z",
"dateUpdated": "2025-02-12T19:41:05.958Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-56134 (GCVE-0-2024-56134)
Vulnerability from cvelistv5 – Published: 2025-02-05 18:02 – Updated: 2025-02-05 18:34
VLAI?
Summary
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.
This issue affects:
Product
Affected Versions
LoadMaster
From 7.2.55.0 to 7.2.60.1 (inclusive)
From 7.2.49.0 to 7.2.54.12 (inclusive)
7.2.48.12 and all prior versions
Multi-Tenant Hypervisor
7.1.35.12 and all prior versions
ECS
All prior versions to 7.2.60.1 (inclusive)
Severity ?
8.4 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress | LoadMaster |
Affected:
All Previous Versions , < 7.2.61.0
(LoadMaster)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-56134",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T18:34:35.521140Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T18:34:49.816Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "LoadMaster",
"vendor": "Progress",
"versions": [
{
"lessThan": "7.2.61.0",
"status": "affected",
"version": "All Previous Versions",
"versionType": "LoadMaster"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\n\nImproper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.\u003c/p\u003e\u003cp\u003eThis issue affects:\u003c/p\u003e\n\n\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u202fProduct \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eAffected Versions \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eLoadMaster \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eFrom 7.2.55.0 to 7.2.60.1 (inclusive) \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u202f\u0026nbsp;\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eFrom 7.2.49.0 to 7.2.54.12 (inclusive) \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u202f\u0026nbsp;\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e7.2.48.12 and all prior versions \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\n\n\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eMulti-Tenant Hypervisor \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e7.1.35.12 and all prior versions \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\n\n\u003cbr\u003e\u003cbr\u003e\n\n\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eECS\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eAll prior versions to 7.2.60.1 (inclusive)\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\n\n\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.\n\nThis issue affects:\n\n\n\n\u202fProduct \n\n\n\n\n\nAffected Versions \n\n\n\n\n\nLoadMaster \n\n\n\n\n\nFrom 7.2.55.0 to 7.2.60.1 (inclusive) \n\n\n\n\n\n\u202f\u00a0\n\n\n\n\n\nFrom 7.2.49.0 to 7.2.54.12 (inclusive) \n\n\n\n\n\n\u202f\u00a0\n\n\n\n\n\n7.2.48.12 and all prior versions \n\n\n\n\n\n\n\n\nMulti-Tenant Hypervisor \n\n\n\n\n\n7.1.35.12 and all prior versions \n\n\n\n\n\n\n\n\n\n\n\nECS\n\n\n\n\n\nAll prior versions to 7.2.60.1 (inclusive)"
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88: OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T18:02:03.882Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://community.progress.com/s/article/LoadMaster-Security-Vulnerability-CVE-2024-56131-CVE-2024-56132-CVE-2024-56133-CVE-2024-56134-CVE-2024-56135"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2024-56134",
"datePublished": "2025-02-05T18:02:03.882Z",
"dateReserved": "2024-12-16T16:25:36.029Z",
"dateUpdated": "2025-02-05T18:34:49.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-56133 (GCVE-0-2024-56133)
Vulnerability from cvelistv5 – Published: 2025-02-05 18:01 – Updated: 2025-02-05 18:35
VLAI?
Summary
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.
This issue affects:
Product
Affected Versions
LoadMaster
From 7.2.55.0 to 7.2.60.1 (inclusive)
From 7.2.49.0 to 7.2.54.12 (inclusive)
7.2.48.12 and all prior versions
ECS
All prior versions to 7.2.60.1 (inclusive)
Severity ?
8.4 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress | LoadMaster |
Affected:
7.1.35.0 , < 7.2.61.0
(LoadMaster)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-56133",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T18:35:36.354907Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T18:35:44.282Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "LoadMaster",
"vendor": "Progress",
"versions": [
{
"lessThan": "7.2.61.0",
"status": "affected",
"version": "7.1.35.0",
"versionType": "LoadMaster"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\n\nImproper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.\u003c/p\u003e\u003cp\u003eThis issue affects:\u003c/p\u003e\n\n\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u202fProduct \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eAffected Versions \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eLoadMaster \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eFrom 7.2.55.0 to 7.2.60.1 (inclusive) \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u202f\u0026nbsp;\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eFrom 7.2.49.0 to 7.2.54.12 (inclusive) \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u202f\u0026nbsp;\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e7.2.48.12 and all prior versions \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\u003cbr\u003e\n\n\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eECS\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eAll prior versions to 7.2.60.1 (inclusive)\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\n\n\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.\n\nThis issue affects:\n\n\n\n\u202fProduct \n\n\n\n\n\nAffected Versions \n\n\n\n\n\nLoadMaster \n\n\n\n\n\nFrom 7.2.55.0 to 7.2.60.1 (inclusive) \n\n\n\n\n\n\u202f\u00a0\n\n\n\n\n\nFrom 7.2.49.0 to 7.2.54.12 (inclusive) \n\n\n\n\n\n\u202f\u00a0\n\n\n\n\n\n7.2.48.12 and all prior versions \n\n\n\n\n\n\n\n\n\nECS\n\n\n\n\n\nAll prior versions to 7.2.60.1 (inclusive)"
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88: OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T18:01:31.031Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://community.progress.com/s/article/LoadMaster-Security-Vulnerability-CVE-2024-56131-CVE-2024-56132-CVE-2024-56133-CVE-2024-56134-CVE-2024-56135"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2024-56133",
"datePublished": "2025-02-05T18:01:31.031Z",
"dateReserved": "2024-12-16T16:25:36.028Z",
"dateUpdated": "2025-02-05T18:35:44.282Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-56132 (GCVE-0-2024-56132)
Vulnerability from cvelistv5 – Published: 2025-02-05 18:01 – Updated: 2025-02-05 18:38
VLAI?
Summary
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.
This issue affects:
Product
Affected Versions
LoadMaster
From 7.2.55.0 to 7.2.60.1 (inclusive)
From 7.2.49.0 to 7.2.54.12 (inclusive)
7.2.48.12 and all prior versions
ECS
All prior versions to 7.2.60.1 (inclusive)
Severity ?
8.4 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress | LoadMaster |
Affected:
All Previous Versions , < 7.2.61.0
(LoadMaster)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-56132",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T18:38:43.675067Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T18:38:55.623Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "LoadMaster",
"vendor": "Progress",
"versions": [
{
"lessThan": "7.2.61.0",
"status": "affected",
"version": "All Previous Versions",
"versionType": "LoadMaster"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\n\nImproper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.\u003c/p\u003e\u003cp\u003eThis issue affects:\u003c/p\u003e\n\n\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u202fProduct \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eAffected Versions \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eLoadMaster \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eFrom 7.2.55.0 to 7.2.60.1 (inclusive) \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u202f\u0026nbsp;\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eFrom 7.2.49.0 to 7.2.54.12 (inclusive) \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u202f\u0026nbsp;\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e7.2.48.12 and all prior versions \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\n\n\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eECS\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eAll prior versions to 7.2.60.1 (inclusive)\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\n\n\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.\n\nThis issue affects:\n\n\n\n\u202fProduct \n\n\n\n\n\nAffected Versions \n\n\n\n\n\nLoadMaster \n\n\n\n\n\nFrom 7.2.55.0 to 7.2.60.1 (inclusive) \n\n\n\n\n\n\u202f\u00a0\n\n\n\n\n\nFrom 7.2.49.0 to 7.2.54.12 (inclusive) \n\n\n\n\n\n\u202f\u00a0\n\n\n\n\n\n7.2.48.12 and all prior versions \n\n\n\n\n\n\n\n\nECS\n\n\n\n\n\nAll prior versions to 7.2.60.1 (inclusive)"
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88: OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T18:01:02.522Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://community.progress.com/s/article/LoadMaster-Security-Vulnerability-CVE-2024-56131-CVE-2024-56132-CVE-2024-56133-CVE-2024-56134-CVE-2024-56135"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2024-56132",
"datePublished": "2025-02-05T18:01:02.522Z",
"dateReserved": "2024-12-16T16:25:36.028Z",
"dateUpdated": "2025-02-05T18:38:55.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}