Directory Traversal Vulnerability in Progress Software OpenEdge 11.2
CVE-2014-8555

Currently unrated

Key Information:

Vendor: Progress
Status: Openedge
Vendor: CVE Published:; 12 November 2014

What is CVE-2014-8555?

The directory traversal vulnerability in Progress Software OpenEdge 11.2 allows remote attackers to exploit the 'selection' parameter in report/reportViewAction.jsp. By inserting a '..' (dot dot) in the selection parameter, attackers can gain unauthorized access to sensitive files on the server, which may lead to data exposure and compromise of system integrity.

References

http://www.exploit-db.com/exploits/35127

exploitx_refsource_EXPLOIT-DB

https://www.xlabs.com.br/blog/?p=256

x_refsource_MISC

http://www.exploit-db.com/exploits/35207

exploitx_refsource_EXPLOIT-DB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 12, 2014
Vulnerability Reserved
Oct 30, 2014