CVE-2024-1403

Published: 27/02/2024 Updated: 28/02/2024

Vulnerability Summary

In OpenEdge Authentication Gateway and AdminServer before 11.7.19, 12.2.14, 12.8.1 on all platforms supported by the OpenEdge product, an authentication bypass vulnerability has been identified. The vulnerability is a bypass to authentication based on a failure to properly handle username and password. Certain unexpected content passed into the credentials can lead to unauthorized access without proper authentication.

GitHub Repositories

Progress OpenEdge Authentication Bypass

CVE-2024-1403 Progress OpenEdge Authentication Bypass

An exploit proof of concept for Progress OpenEdge CVE-2024-1403

Blog Post

More details here: www.horizon3.ai/attack-research/cve-2024-1403-progress-openedge-authentication-bypass-deep-dive

Usage

You must provide your own versions of the following jars: progressjar, oeauth-128-jar, osmetricsjar, juniperjar

Compi