Unauthorized Access Vulnerability in OpenEdge Authentication Gateway and AdminServer Prior to 11.7.19, 12.2.14, and 12.8.1
CVE-2024-1403
Summary
A critical unauthorized access vulnerability exists in the OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, and 12.8.1. It allows attackers to bypass authentication and gain unauthorized access to the system, potentially with administrative privileges. A proof-of-concept exploit for this vulnerability has been released. The impact is severe and can result in unauthorized access, system compromise, and potential spread of malware. Organizations should upgrade to a patched version to mitigate the risk.
Affected Version(s)
OpenEdge Windows 11.7.0
OpenEdge Windows 11.7.0 < 11.7.19
OpenEdge Windows 12.2.0 < 12.2.14
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that a vulnerability can be exploited. It is also a key component of weaponization, which could lead to ransomware.
News Articles

Cybersecurity Threat Advisory: OpenEdge authentication bypass vulnerability
Review this Cybersecurity Threat Advisory to learn how you can mitigate potential unauthorized access due to the OpenEdge vulnerability.
Experts released PoC exploit for critical Progress Software OpenEdge bug
Researchers released technical specifics and a PoC for a flaw in Progress Software OpenEdge Authentication Gateway and AdminServer
CVE-2024-1403 Progress OpenEdge Authentication Bypass - Security Affairs
EPSS Score
6% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- 💰 Used in Ransomware
- 📰 First article discovered by The Hacker News
- 🟡 Public PoC available
- 👾 Exploit known to exist
Vulnerability published
Vulnerability Reserved