Vulnerability Description
In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, 12.8.1 on all platforms supported by the OpenEdge product, an authentication bypass vulnerability has been identified. The vulnerability is a bypass to authentication based on a failure to properly handle username and password. Certain unexpected content passed into the credentials can lead to unauthorized access without proper authentication.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Progress | Openedge | < 11.7.19 |
Related Weaknesses (CWE)
References
- https://community.progress.com/s/article/Important-Critical-Alert-for-OpenEdge-AVendor Advisory
- https://www.progress.com/openedgeProduct
- https://community.progress.com/s/article/Important-Critical-Alert-for-OpenEdge-AVendor Advisory
- https://www.progress.com/openedgeProduct
FAQ
What is CVE-2024-1403?
CVE-2024-1403 is a vulnerability with a CVSS score of 10.0 (CRITICAL). In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, 12.8.1 on all platforms supported by the OpenEdge product, an authentication bypass vulnerability has been identified. Th...
How severe is CVE-2024-1403?
CVE-2024-1403 has been rated CRITICAL with a CVSS base score of 10.0/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2024-1403?
Check the references section above for vendor advisories and patch information. Affected products include: Progress Openedge.