Skip to content
Censys Search Teams: Industry-leading internet intelligence for growing security teams and organizations | Learn More

June 7, 2024: Authentication Bypass Vulnerability in Progress Telerik Report Server Could Lead to Unauthorized Access of Internal Report Data

  • Issue Name and Description: Authentication Bypass vulnerability in Progress Telerik Report Server
  • Date Published: 2024-05-29
  • CVE-ID and CVSS Score: CVE-2024-4358 – 9.8 (CRITICAL)
  • CWE: CWE-290 Authentication Bypass by Spoofing
  • Asset Description: Telerik Report Server is a server-based report management platform by Progress Software. This issue affects Report Server version 2024 Q1 ( and earlier running on IIS.

Example Telerik Report Server login page


Attack Surface Management Solutions
Learn more