Unauthorized Access Vulnerability in OpenEdge Authentication Gateway and AdminServer Prior to 11.7.19, 12.2.14, and 12.8.1
CVE-2024-1403

9.8 CRITICAL

Key Information:

Vendor: Progress

Status: Vendor

CVE Published: 27 February 2024

Badges

💰 Ransomware · 👾 Exploit Exists · 🟡 Public PoC · 🟣 EPSS 16% · 📰 News Worthy

What is CVE-2024-1403?

CVE-2024-1403 is a security vulnerability affecting the OpenEdge Authentication Gateway and AdminServer, versions prior to 11.7.19, 12.2.14, and 12.8.1, produced by Progress. The vulnerability is an authentication bypass: the system fails to properly handle the username and password inputs, allowing unauthorized users to gain access. This flaw could enable attackers to bypass the authentication mechanisms within the OpenEdge framework, leading to unauthorized actions in environments that rely on this software. Because OpenEdge is often used for enterprise database management and application development, exploitation of this vulnerability could severely disrupt organizational operations.

Potential impact of CVE-2024-1403

  1. Unauthorized Access: The primary impact of this vulnerability is the potential for unauthorized users to access sensitive systems and data without proper authentication, compromising the integrity and confidentiality of organizational information.

  2. Data Breach Risks: Exploitation of CVE-2024-1403 may lead to comprehensive data breaches, exposing sensitive customer, financial, or operational data, which could damage an organization’s reputation and lead to regulatory penalties.

  3. Operational Disruption: Once inside, attackers can manipulate or disrupt critical services and operations, resulting in downtime and operational inefficiencies that can have long-lasting effects on business processes and service delivery.

Affected Version(s)

  • OpenEdge Windows 11.7.0

  • OpenEdge Windows 11.7.0 < 11.7.19

  • OpenEdge Windows 12.2.0 < 12.2.14

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.

News Articles

Cybersecurity Threat Advisory: OpenEdge authentication bypass vulnerability

Review this Cybersecurity Threat Advisory to learn how you can mitigate potential unauthorized access due to the OpenEdge vulnerability.

Experts released PoC exploit for critical Progress Software OpenEdge bug

Researchers released technical specifics and a PoC for a flaw in Progress Software OpenEdge Authentication Gateway and AdminServer

CVE-2024-1403 Progress OpenEdge Authentication Bypass - Security Affairs


EPSS Score

16% chance of being exploited in the next 30 days.

CVSS V3.1

Score: 9.8
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • 💰 Used in Ransomware

  • 📰 First article discovered by The Hacker News

  • 🟡 Public PoC available

  • 👾 Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved