Telerik Report Server Security Vulnerabilities and Issues — Telerik Report Server CVE List

Lucene search

ProgressTelerik Report Server

6 matches found

CVE•added 2024/03/20 1:15 p.m.•130 views

CVE-2024-1800

In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code execution attack is possible through an insecure deserialization vulnerability.

9.9CVSS9.7AI score0.82351EPSS

CVE•added 2024/07/24 2:15 p.m.•76 views

CVE-2024-6327

In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vulnerability.

9.9CVSS9.8AI score0.0115EPSS

CVE•added 2024/10/09 3:15 p.m.•39 views

CVE-2024-7292

In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a credential stuffing attack is possible through improper restriction of excessive login attempts.

8.8CVSS7.7AI score0.00058EPSS

CVE•added 2024/10/09 3:15 p.m.•38 views

CVE-2024-8015

In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is possible through object injection via an insecure type resolution vulnerability.

9.1CVSS8.7AI score0.0047EPSS

CVE•added 2024/11/13 4:15 p.m.•37 views

CVE-2024-7295

In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information.

7.1CVSS6.3AI score0.00079EPSS

CVE•added 2024/05/15 5:15 p.m.•15 views

CVE-2024-4837

In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via a trust boundary violation vulnerability.

5.3CVSS7AI score0.00153EPSS