Issue Name and Description: Authentication Bypass vulnerability in Progress Telerik Report Server
Date Published: 2024-05-29
CVE-ID and CVSS Score: CVE-2024-4358 – 9.8 (CRITICAL)
CWE: CWE-290 Authentication Bypass by Spoofing
Asset Description: Telerik Report Server is a server-based report management platform by Progress Software. This issue affects Report Server 2024 Q1 (10.0.24.305) and earlier running on IIS; it is fixed in 2024 Q2 (10.1.24.514) and later.
[Figure: Example Telerik Report Server login page]
Vulnerability Impact: If successfully exploited, an unauthenticated attacker can bypass authentication and reach Telerik Report Server's restricted functionality, which exposes any sensitive report data stored on the server. Because the bypass yields a working account rather than a single information leak, it also opens the door to any post-authentication weaknesses in the product.
Exploitation Details: A public PoC and technical writeup have been released; the writeup chains this bypass with CVE-2024-1800, a post-authentication deserialization bug in Report Server, to reach remote code execution. As of the publication date this CVE is not in CISA KEV. Administrators who cannot upgrade immediately should review the server's local user list for accounts they did not create.
ASM Risk Query for potentially vulnerable Censys-visible public-facing instances of Telerik Report Server: risks.name="Vulnerable Progress Telerik Report Server [CVE-2024-4358]"
Search Exposure Query for all Censys-visible public-facing Telerik Report Server gateways: services.software.vendor:"Progress Software" and services.software.product:"Telerik Report Server"
ASM Exposure Query for all Censys-visible public-facing Telerik Report Server gateways: host.services.software:(vendor:"Progress Software" and product:"Telerik Report Server") or (web_entity.instances.software.vendor:"Progress Software" and web_entity.instances.software.product:"Telerik Report Server")
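The exposure queries above return every Telerik Report Server Censys can see, not only the affected builds, so the next step is to sort the results by version against the affected range in the Asset Description. The script below is an added example written for this page, not Censys or Progress code. It assumes host records shaped like Censys host results, where each service carries a list of detected software dicts with vendor, product and version keys; the sample records, IPs and ports are constructed for the example and are not real scan data.

```python
"""Triage Telerik Report Server hosts against CVE-2024-4358 by version.

Added example for this advisory page (not Censys or Progress code).
Assumption: host records are Censys-style dicts with an "ip" key and a
"services" list whose entries carry "port" and a "software" list of
{"vendor", "product", "version"} dicts. SAMPLE_HOSTS below is constructed.
"""
from __future__ import annotations

import re
from typing import Iterable

VENDOR = "Progress Software"
PRODUCT = "Telerik Report Server"
# Last affected build per the advisory: 2024 Q1 (10.0.24.305) and earlier.
LAST_AFFECTED = "10.0.24.305"

# The page's Search query, kept with plain ASCII quotes so it pastes cleanly.
SEARCH_QUERY = (
    f'services.software.vendor:"{VENDOR}" and '
    f'services.software.product:"{PRODUCT}"'
)


def parse_version(text: str) -> tuple[int, ...]:
    """Turn '10.0.24.305' (or a banner containing it) into a comparable tuple.

    Raises ValueError when no dotted numeric version is present, so a caller
    cannot silently treat 'unknown' as 'patched'.
    """
    match = re.search(r"\d+(?:\.\d+)+", text)
    if not match:
        raise ValueError(f"no version found in {text!r}")
    return tuple(int(part) for part in match.group(0).split("."))


def is_affected(version: str) -> bool:
    """True when version <= 10.0.24.305, the advisory's affected range."""
    return parse_version(version) <= parse_version(LAST_AFFECTED)


def triage(hosts: Iterable[dict]) -> list[dict]:
    """Return one finding per Telerik Report Server service on the given hosts.

    Status is 'affected', 'not_affected', or 'unknown' when the version is
    missing or unparsable; 'unknown' hosts need a manual check, not a pass.
    """
    findings = []
    for host in hosts:
        for svc in host.get("services", []):
            for sw in svc.get("software", []):
                if sw.get("vendor") != VENDOR or sw.get("product") != PRODUCT:
                    continue
                version = sw.get("version")
                try:
                    status = "affected" if is_affected(version) else "not_affected"
                except (TypeError, ValueError):
                    status = "unknown"
                findings.append({
                    "ip": host["ip"],
                    "port": svc.get("port"),
                    "version": version,
                    "status": status,
                })
    return findings


# Constructed sample records (documentation-range IPs, not real hosts).
SAMPLE_HOSTS = [
    {"ip": "192.0.2.10", "services": [{"port": 83, "software": [
        {"vendor": VENDOR, "product": PRODUCT, "version": "10.0.24.305"}]}]},
    {"ip": "192.0.2.11", "services": [{"port": 83, "software": [
        {"vendor": VENDOR, "product": PRODUCT, "version": "10.1.24.514"}]}]},
    {"ip": "192.0.2.12", "services": [{"port": 443, "software": [
        {"vendor": VENDOR, "product": PRODUCT}]}]},  # version not fingerprinted
    {"ip": "192.0.2.13", "services": [{"port": 80, "software": [
        {"vendor": "Microsoft", "product": "IIS", "version": "10.0"}]}]},
]

if __name__ == "__main__":
    print("query:", SEARCH_QUERY)
    for finding in triage(SAMPLE_HOSTS):
        print(f'{finding["ip"]}:{finding["port"]} '
              f'version={finding["version"]} status={finding["status"]}')
```

Feed real results in by replacing SAMPLE_HOSTS with the hits returned for SEARCH_QUERY; hosts that come back as unknown should be checked directly rather than dropped, since a missing fingerprint is not evidence of a patched build.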