File Export Vulnerability in Progress Telerik Document Processing Libraries
CVE-2024-11629
6.5MEDIUM
Key Information:
- Vendor
- Progress Software
- Vendor
- CVE Published:
- 12 February 2025
Summary
The Progress Telerik Document Processing Libraries before version 2025 Q1 (2025.1.205) contain a vulnerability that allows unauthorized file content export to RTF format from an arbitrary file path. This issue poses a significant risk as it can potentially expose sensitive data to unauthorized users. Organizations utilizing these libraries need to update to the latest version to mitigate these risks and secure their document processing capabilities.
Affected Version(s)
Progress® Telerik® Document Processing Libraries .NET Standard 2.0 1.0.0 < 2025.1.205
References
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved