Progress Vulnerabilities

Product

Progress MOVEit Transfer: 23
Progress WS_FTP Server: 12
Progress Sitefinity: 11
Progress WhatsUp Gold: 9
Progress OpenEdge: 7

Countermeasures

Official Fix: 87
Temporary Fix: 0
Workaround: 1
Unavailable: 0
Not Defined: 20

Exploitability

High: 2
Functional: 0
Proof-of-Concept: 7
Unproven: 1
Not Defined: 98

Access Vector

Not Defined: 0
Physical: 0
Local: 13
Adjacent: 13
Network: 82

Authentication

Not Defined: 0
High: 10
Low: 42
None: 56

User Interaction

Not Defined: 0
Required: 28
None: 80

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 0
≤4: 3
≤5: 17
≤6: 27
≤7: 13
≤8: 24
≤9: 17
≤10: 7

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 0
≤4: 3
≤5: 19
≤6: 29
≤7: 14
≤8: 23
≤9: 15
≤10: 5

VulDB

≤1: 0
≤2: 0
≤3: 6
≤4: 16
≤5: 19
≤6: 17
≤7: 18
≤8: 24
≤9: 2
≤10: 6

NVD

≤1: 0
≤2: 0
≤3: 0
≤4: 0
≤5: 2
≤6: 11
≤7: 13
≤8: 12
≤9: 8
≤10: 17

CNA

≤1: 0
≤2: 0
≤3: 0
≤4: 0
≤5: 2
≤6: 2
≤7: 2
≤8: 17
≤9: 8
≤10: 9

Vendor

≤1: 0
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

Research

≤1: 0
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

Exploit 0-day

<1k: 22
<2k: 66
<5k: 20
<10k: 0
<25k: 0
<50k: 0
<100k: 0
≥100k: 0

Exploit Today

<1k: 108
<2k: 0
<5k: 0
<10k: 0
<25k: 0
<50k: 0
<100k: 0
≥100k: 0

Affected Products (36): 4GL Compiler (1), Chef Automate (1), Chef InSpec (1), Chef Infra Client (1), Chef Infra Server (1), DataDirect Connect for ODBC (2), Database (4), Flowmon (1), Flowmon FPI (1), Flowmon OS (1), JustAssembly (1), JustDecompile (1), Kendo UI Editor (1), LoadMaster (3), MOVEit Automation (1), MOVEit Transfer (23), Messenger (1), OpenEdge (7), OpenEdge OEE (1), OpenEdge OEM (1), Redirection (1), Sitefinity (11), Sitefinity CMS (5), Telerik JustDecompile (1), Telerik Report Server (1), Telerik Reporting (3), Telerik Test Studio (1), Telerik UI for ASP.NET AJAX (2), UI for ASP.NET AJAX (2), UI for Silverlight (1), WS_FTP Server (12), WebSpeed (1), Webspeed (1), Webspeed Messenger (1), WhatsUp Gold (9), Whatsup Gold (4)

| Published | Base | Temp | Vulnerability | Prod | Exploitability | Countermeasure | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 02/04/2024 | 9.9 | 9.7 | Progress Flowmon Management Interface privilege escalation | Unknown | Not Defined | Official Fix | 0.00439 | 0.04 | CVE-2024-2389 |
| 22/03/2024 | 5.9 | 5.8 | Progress LoadMaster cross site request forgery | Unknown | Not Defined | Official Fix | 0.00043 | 0.03 | CVE-2024-2449 |
| 22/03/2024 | 7.6 | 7.4 | Progress LoadMaster privilege escalation | Unknown | Not Defined | Official Fix | 0.00043 | 0.00 | CVE-2024-2448 |
| 20/03/2024 | 4.3 | 4.2 | Progress MOVEit Transfer unknown vulnerability | Unknown | Not Defined | Official Fix | 0.00043 | 0.03 | CVE-2024-2291 |
| 20/03/2024 | 9.3 | 9.1 | Progress Telerik Report Server privilege escalation | Reporting Software | Not Defined | Official Fix | 0.00043 | 0.02 | CVE-2024-1800 |
| 20/03/2024 | 6.5 | 6.4 | Progress Telerik Reporting privilege escalation | Reporting Software | Not Defined | Official Fix | 0.00043 | 0.03 | CVE-2024-1801 |
| 20/03/2024 | 8.0 | 7.8 | Progress Telerik Reporting privilege escalation | Reporting Software | Not Defined | Official Fix | 0.00043 | 0.02 | CVE-2024-1856 |
| 28/02/2024 | 5.7 | 5.7 | Progress Sitefinity Page Editing Area cross site scripting | Unknown | Not Defined | Official Fix | 0.00043 | 0.15 | CVE-2024-1636 |
| 28/02/2024 | 6.5 | 6.4 | Progress Sitefinity Administrative Area privilege escalation | Unknown | Not Defined | Official Fix | 0.00043 | 0.02 | CVE-2024-1632 |
| 27/02/2024 | 9.9 | 9.7 | Progress OpenEdge weak authentication | Unknown | Not Defined | Official Fix | 0.00043 | 0.00 | CVE-2024-1403 |
| 21/02/2024 | 8.6 | 8.5 | Progress LoadMaster privilege escalation | Unknown | Not Defined | Official Fix | 0.00721 | 0.00 | CVE-2024-1212 |
| 21/02/2024 | 5.3 | 5.2 | Progress WS_FTP Server Administrative Interface cross site scripting | File Transfer Software | Not Defined | Official Fix | 0.00043 | 0.00 | CVE-2024-1474 |
| 31/01/2024 | 7.5 | 7.4 | Progress Telerik Test Studio Applications Installer privilege escalation | Unknown | Not Defined | Official Fix | 0.00061 | 0.00 | CVE-2024-0833 |
| 31/01/2024 | 7.5 | 7.4 | Progress Telerik Reporting Applications Installer privilege escalation | Reporting Software | Not Defined | Official Fix | 0.00061 | 0.02 | CVE-2024-0832 |
| 31/01/2024 | 7.5 | 7.4 | Progress Telerik JustDecompile Applications Installer privilege escalation | Unknown | Not Defined | Official Fix | 0.00061 | 0.03 | CVE-2024-0219 |
| 18/01/2024 | 7.5 | 7.3 | Progress OpenEdge Web Request buffer overflow | Unknown | Not Defined | Official Fix | 0.00046 | 0.02 | CVE-2023-40052 |
| 18/01/2024 | 8.4 | 8.3 | Progress OpenEdge Web Transport Request privilege escalation | Unknown | Not Defined | Official Fix | 0.00050 | 0.03 | CVE-2023-40051 |
| 17/01/2024 | 6.8 | 6.6 | Progress MOVEit Transfer HTTPS Transaction denial of service | Unknown | Not Defined | Official Fix | 0.00063 | 0.00 | CVE-2024-0396 |
| 20/12/2023 | 4.4 | 4.4 | Progress Sitefinity privilege escalation | Unknown | Not Defined | Official Fix | 0.00063 | 0.02 | CVE-2023-6784 |
| 14/12/2023 | 5.1 | 5.1 | Progress WhatsUp Gold Role cross site scripting | Network Management Software | Not Defined | Official Fix | 0.00045 | 0.00 | CVE-2023-6367 |
| 14/12/2023 | 5.0 | 4.9 | Progress WhatsUp Gold Alert Center cross site scripting | Network Management Software | Not Defined | Official Fix | 0.00045 | 0.00 | CVE-2023-6366 |
| 14/12/2023 | 6.0 | 6.0 | Progress WhatsUp Gold API Endpoint privilege escalation | Network Management Software | Not Defined | Official Fix | 0.00052 | 0.00 | CVE-2023-6595 |
| 14/12/2023 | 5.0 | 4.9 | Progress WhatsUp Gold privilege escalation | Network Management Software | Not Defined | Official Fix | 0.00052 | 0.00 | CVE-2023-6368 |
| 14/12/2023 | 5.0 | 4.9 | Progress WhatsUp Gold Dashboard cross site scripting | Network Management Software | Not Defined | Official Fix | 0.00045 | 0.00 | CVE-2023-6364 |
| 14/12/2023 | 5.1 | 5.1 | Progress WhatsUp Gold Device Group cross site scripting | Network Management Software | Not Defined | Official Fix | 0.00045 | 0.00 | CVE-2023-6365 |

83 more entries are not shown
