CVE-2024-4357
EUVD-2024-4399315.05.2024, 17:15
An information disclosure vulnerability exists in Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, allows low-privilege attacker to read systems file via XML External Entity Processing.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| progress | telerik_reporting | 𝑥 < 10.1.24.514 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| progress_software | telerik_report_server | 1.0.0.0 ≤ 𝑥 < 10.0.24.514 | ADP |