CVE-2024-6097

Medium CVSS: 5.3

In Progress® Telerik® Reporting versions prior to 2025 Q1 (19.0.25.211), information disclosure is possible by a local threat actor through an absolute path vulnerability.

Vendor

Progress

Product

Telerik Reporting

CWE

CWE-36

Yayın Tarihi

2025-02-12 18:15:21

Güncelleme

2025-02-24 16:31:32

Source Identifier

security@progress.com

KEV Date Added

Kategoriler

CWE-36 Telerik Reporting MEDIUM Progress 2025

Referanslar

https://docs.telerik.com/reporting/knowledge-base/kb-security-absolute-path-traversal-CVE-2024-6097

Benzer Kayıtlar

High

CVE-2026-3692

In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may cr…

Medium

CVE-2026-2878

In Progress® Telerik® UI for AJAX, versions prior to 2026.1.225, an insufficient entropy vulnerability exists in RadAsyn…

High

CVE-2025-13447

OS Command Injection Remote Code Execution Vulnerability in API in Progress LoadMaster allows an authenticated attacker…

High

CVE-2025-13444

OS Command Injection Remote Code Execution Vulnerability in API in Progress LoadMaster allows an authenticated attacker…

High

CVE-2025-13774

A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1 where an SQL injection vulnerability…

Low

CVE-2025-11235

Unverified Password Change vulnerability in Progress MOVEit Transfer on Windows (REST API modules).This issue affects MO…