3 matches found
CVE-2023-40051
CVE-2023-40051 affects Progress Application Server (PAS) for OpenEdge. A WEB transport request can allow unintended file uploads to a server directory path on the PASOE host, potentially enabling a later attack if the uploaded payload is exploitable. Affected versions are 11.7 before 11.7.18, 12....
CVE-2024-7654
The CVE affects Progress OpenEdge Management with OEE/OEM auto-discovery, where the ActiveMQ Discovery service was reachable by default. Unauthorized access to the discovery service’s UDP port allowed content injection into parts of the OEM web interface, enabling potential user deception. Public...
CVE-2023-40052
CVE-2023-40052 affects Progress Application Server (PAS) for OpenEdge. A malformed web request can crash a PASOE agent, potentially disrupting thread activities of multiple web application clients and causing DoS due to flooding of invalid requests. Affected versions are 11.7 < 11.7.18, 12.2