Vulnerability Description
In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via a trust boundary violation vulnerability.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Progress | Telerik Report Server | < 10.1.24.514 |
Related Weaknesses (CWE)
References
- https://docs.telerik.com/report-server/knowledge-base/information-exposure-cve-2Vendor Advisory
- https://docs.telerik.com/report-server/knowledge-base/information-exposure-cve-2Vendor Advisory
FAQ
What is CVE-2024-4837?
CVE-2024-4837 is a vulnerability with a CVSS score of 5.3 (MEDIUM). In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via a trust boundary ...
How severe is CVE-2024-4837?
CVE-2024-4837 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-4837?
Check the references section above for vendor advisories and patch information. Affected products include: Progress Telerik Report Server.