04 June 2024 | Newsroom | Server Security / Vulnerability

Telerik Report Server

Progress Software has released updates to address a critical security flaw affecting Telerik Report Server that could be exploited by a remote attacker to bypass authentication and create rogue administrator users.

The issue, tracked as CVE-2024-4358, has a CVSS score of 9.8 out of a maximum of 10.0.

“On Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker could gain access to limited functionality of Telerik Report Server via an authentication bypass vulnerability,” the company said in an advisory.

Report Server 2024 Q2 (10.1.24.514) addresses the shortcoming. Sina Kheirkhah of the Summoning Team, who is credited with discovering and reporting the flaw, described it as an “extremely simple” bug that can be exploited by a “remote unauthenticated attacker to create and log in as an administrator user.”

In addition to updating to the latest version, Progress Software is urging users to review their report server’s user list for the presence of any new local users that they did not add themselves.


As a temporary measure until the patch is applied, users are advised to implement URL rewriting mitigations in the Internet Information Services (IIS) server to remove the exposed attack surface.
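The two post-advisory checks above (confirm the installed build is at or beyond 2024 Q2, and look for local users nobody on the team created) are easy to script. The following is an added example written for this article, not code from Progress or from the advisory; the version numbers are the ones cited above, while the user-inventory format and the sample records are constructed assumptions.

```python
"""Defender-side checks after the Telerik Report Server advisory.

Added example, not vendor code. Build numbers come from the advisory text;
the user-list layout is an assumed export format (name, role, created date).
"""
import re
from datetime import date

# Builds named in the advisory: last affected (2024 Q1) and first fixed (2024 Q2).
LAST_AFFECTED = (10, 0, 24, 305)
FIRST_FIXED = (10, 1, 24, 514)


def parse_build(text: str) -> tuple:
    """Pull the dotted build number out of strings like '2024 Q1 (10.0.24.305)'
    or a bare '10.1.24.514' and return it as a comparable tuple of ints."""
    match = re.search(r"(\d+(?:\.\d+){3})", text)
    if not match:
        raise ValueError(f"no four-part build number in {text!r}")
    return tuple(int(part) for part in match.group(1).split("."))


def needs_update(version_text: str) -> bool:
    """True when the build is older than the fixed 2024 Q2 release.

    The advisory lists 2024 Q1 (10.0.24.305) or earlier as affected; any build
    below the first fixed release is treated as unpatched here, which is a
    conservative assumption rather than a statement from the advisory.
    """
    return parse_build(version_text) < FIRST_FIXED


def unexpected_users(baseline: dict, current: list, review_after: date) -> list:
    """Return current local users that warrant a look: accounts absent from the
    known-good baseline, accounts whose role changed to administrator, and any
    account created after the review date regardless of name.

    baseline: {username: role} recorded before the advisory (assumed format).
    current:  list of dicts with 'name', 'role', 'created' (assumed export format).
    """
    findings = []
    for user in current:
        name, role, created = user["name"], user["role"], user["created"]
        reasons = []
        if name not in baseline:
            reasons.append("not in baseline inventory")
        elif role == "Administrator" and baseline[name] != "Administrator":
            reasons.append("role escalated to Administrator since baseline")
        if created > review_after:
            reasons.append(f"created after {review_after.isoformat()}")
        if reasons:
            findings.append((name, role, "; ".join(reasons)))
    return sorted(findings)


# Constructed sample data standing in for a real user-list export.
BASELINE_USERS = {"admin": "Administrator", "reportsvc": "Service", "jdoe": "User"}
CURRENT_USERS = [
    {"name": "admin", "role": "Administrator", "created": date(2023, 1, 10)},
    {"name": "reportsvc", "role": "Service", "created": date(2023, 1, 10)},
    {"name": "jdoe", "role": "Administrator", "created": date(2023, 5, 2)},
    {"name": "svc_backup2", "role": "Administrator", "created": date(2024, 5, 30)},
]
REVIEW_AFTER = date(2024, 5, 1)  # assumed date of the last known-good audit


if __name__ == "__main__":
    for label in ("2024 Q1 (10.0.24.305)", "2024 Q2 (10.1.24.514)"):
        state = "update required" if needs_update(label) else "patched"
        print(f"{label}: {state}")
    for name, role, why in unexpected_users(BASELINE_USERS, CURRENT_USERS, REVIEW_AFTER):
        print(f"review {name} ({role}): {why}")
```

Point the user-list function at whatever export the report server gives you (the field names here are assumptions) and keep the baseline from before the advisory date; an account created after that date with an administrator role is exactly the kind of entry the vendor asks customers to look for.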

The development comes about a month after Progress addressed another flaw in Telerik Report Server (CVE-2024-1800, CVSS score: 8.8) that allows an authenticated remote attacker to execute arbitrary code on affected installations.


In a hypothetical attack scenario, a malicious actor could combine CVE-2024-4358 and CVE-2024-1800 into an exploit chain to bypass authentication and then execute arbitrary code with elevated privileges.

With vulnerabilities in Telerik servers having been actively exploited by threat actors in the past, it is important that users update to the latest version as soon as possible to mitigate potential threats.
