Refine your search
13 vulnerabilities found for by progress
CVE-2025-13147 (GCVE-0-2025-13147)
Vulnerability from cvelistv5
Published
2025-11-19 20:45
Modified
2025-11-19 20:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Summary
Server-Side Request Forgery (SSRF) vulnerability in Progress MOVEit Transfer.This issue affects MOVEit Transfer: before 2024.1.8, from 2025.0.0 before 2025.0.4.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress | MOVEit Transfer |
Version: 0 ≤ Version: 2025.0.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13147",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-19T20:49:54.892323Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T20:50:10.151Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MOVEit Transfer",
"vendor": "Progress",
"versions": [
{
"lessThan": "2024.1.8",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "2025.0.4",
"status": "affected",
"version": "2025.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Early Warning Services"
},
{
"lang": "en",
"type": "finder",
"value": "Michael McCambridge"
},
{
"lang": "en",
"type": "finder",
"value": "Brian Tigges"
},
{
"lang": "en",
"type": "finder",
"value": "Jason Scribner"
},
{
"lang": "en",
"type": "finder",
"value": "Alex Achs"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Server-Side Request Forgery (SSRF) vulnerability in Progress MOVEit Transfer.\u003cp\u003eThis issue affects MOVEit Transfer: before 2024.1.8, from 2025.0.0 before 2025.0.4.\u003c/p\u003e"
}
],
"value": "Server-Side Request Forgery (SSRF) vulnerability in Progress MOVEit Transfer.This issue affects MOVEit Transfer: before 2024.1.8, from 2025.0.0 before 2025.0.4."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T20:45:48.418Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://docs.progress.com/bundle/moveit-transfer-release-notes-2024/page/Fixed-Issues-in-2024.1.8.html"
},
{
"url": "https://docs.progress.com/bundle/moveit-transfer-release-notes-2025/page/Fixed-Issues-in-2025.0.4.html"
},
{
"url": "https://docs.progress.com/bundle/moveit-transfer-release-notes-2025_1/page/Fixed-Issues-in-2025.1.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "External Service Interaction (DNS)",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-13147",
"datePublished": "2025-11-19T20:45:48.418Z",
"dateReserved": "2025-11-13T20:06:29.891Z",
"dateUpdated": "2025-11-19T20:50:10.151Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10703 (GCVE-0-2025-10703)
Vulnerability from cvelistv5
Published
2025-11-19 15:47
Modified
2025-11-20 04:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Summary
Improper Control of Generation of Code ('Code Injection') vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion.
The SpyAttribute connection option implemented by the DataDirect Connect for JDBC drivers, DataDirect Hybrid Data Pipeline JDBC driver and the DataDirect OpenAccess JDBC driver log=(file) construct allows the user to specify an arbitrary file for the JDBC driver to write its log information to. If an application allows an end user to specify a value for the SpyAttributes connection option then an attacker could cause java script to be written to a log file. If the log file was in the correct location with the correct extension, an application server could see that log file as a resource to be served. The attacker could fetch the resource from the server causing the java script to be executed.
This issue affects:
DataDirect Connect for JDBC for Amazon Redshift: through 6.0.0.001392, fixed in 6.0.0.001541
DataDirect Connect for JDBC for Apache Cassandra: through 6.0.0.000805, fixed in 6.0.0.000833
DataDirect Connect for JDBC for Hive: through 6.0.1.001499, fixed in 6.0.1.001628
DataDirect Connect for JDBC for Apache Impala: through 6.0.0.001155, fixed in 6.0.0.001279
DataDirect Connect for JDBC for Apache SparkSQL: through 6.0.1.001222, fixed in 6.0.1.001344
DataDirect Connect for JDBC Autonomous REST Connector: through 6.0.1.006961, fixed in 6.0.1.007063
DataDirect Connect for JDBC for DB2: through 6.0.0.000717, fixed in 6.0.0.000964
DataDirect Connect for JDBC for Google Analytics 4: through 6.0.0.000454, fixed in 6.0.0.000525
DataDirect Connect for JDBC for Google BigQuery: through 6.0.0.002279, fixed in 6.0.0.002410
DataDirect Connect for JDBC for Greenplum: through 6.0.0.001712, fixed in 6.0.0.001727
DataDirect Connect for JDBC for Informix: through 6.0.0.000690, fixed in 6.0.0.0851
DataDirect Connect for JDBC for Microsoft Dynamics 365: through 6.0.0.003161, fixed in 6.0.0.3198
DataDirect Connect for JDBC for Microsoft SQLServer: through 6.0.0.001936, fixed in 6.0.0.001957
DataDirect Connect for JDBC for Microsoft Sharepoint: through 6.0.0.001559, fixed in 6.0.0.001587
DataDirect Connect for JDBC for MongoDB: through 6.1.0.001654, fixed in 6.1.0.001669
DataDirect Connect for JDBC for MySQL: through 5.1.4.000330, fixed in 5.1.4.000364
DataDirect Connect for JDBC for Oracle Database: through 6.0.0.001747, fixed in 6.0.0.001776
DataDirect Connect for JDBC for Oracle Eloqua: through 6.0.0.001438, fixed in 6.0.0.001458
DataDirect Connect for JDBC for Oracle Sales Cloud: through 6.0.0.001225, fixed in 6.0.0.001316
DataDirect Connect for JDBC for Oracle Service Cloud: through 5.1.4.000298, fixed in 5.1.4.000309
DataDirect Connect for JDBC for PostgreSQL: through 6.0.0.001843, fixed in 6.0.0.001856
DataDirect Connect for JDBC for Progress OpenEdge: through 5.1.4.000187, fixed in 5.1.4.000189
DataDirect Connect for JDBC for Salesforce: through 6.0.0.003020, fixed in 6.0.0.003125
DataDirect Connect for JDBC for SAP HANA: through 6.0.0.000879, product retired
DataDirect Connect for JDBC for SAP S/4 HANA: through 6.0.1.001818, fixed in 6.0.1.001858
DataDirect Connect for JDBC for Sybase ASE: through 5.1.4.000161, fixed in 5.1.4.000162
DataDirect Connect for JDBC for Snowflake: through 6.0.1.001821, fixed in 6.0.1.001856
DataDirect Hybrid Data Pipeline Server: through 4.6.2.3309, fixed in 4.6.2.3430
DataDirect Hybrid Data Pipeline JDBC Driver: through 4.6.2.0607, fixed in 4.6.2.1023
DataDirect Hybrid Data Pipeline On Premises Connector: through 4.6.2.1223, fixed in 4.6.2.1339
DataDirect Hybrid Data Pipeline Docker: through 4.6.2.3316, fixed in 4.6.2.3430
DataDirect OpenAccess JDBC Driver: through 8.1.0.0177, fixed in 8.1.0.0183
DataDirect OpenAccess JDBC Driver: through 9.0.0.0019, fixed in 9.0.0.0022
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Progress | DataDirect Connect for JDBC for Amazon Redshift |
Version: 0 < Patch: 6.0.0.001541 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10703",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-19T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T04:55:24.843Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Amazon Redshift",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001392",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001541",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Apache Cassandra",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.000805",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.000833",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Hive",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.1.001499",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.1.001628",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Apache Impala",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001155",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.1279",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Apache SparkSQL",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.1.001222",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.1.001344",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC Autonomous REST Connector",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.1.006961",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.1.007063",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for DB2",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.000717",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.000964",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Google Analytics 4",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.000454",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.000525"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Google BigQuery",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.002279",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.002410",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Greenplum",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001712",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001727",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Informix",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.000690",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.000851",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Microsoft Dynamics 365",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.003161",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.003198",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Microsoft SQLServer",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001936",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001957",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Microsoft Sharepoint",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001559",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001587",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for MongoDB",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.1.0.001654",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.1.0.001669",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for MySQL",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "5.1.4.000330",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "5.1.4.000364",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Oracle Database",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001747",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001776",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Oracle Eloqua",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001438",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001458",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Oracle Sales Cloud",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001225",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001316",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Oracle Service Cloud",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "5.1.4.000298",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "5.1.4.000309",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for PostgreSQL",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001843",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001856",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Progress OpenEdge",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "5.1.4.000187",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "5.1.4.000189",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Salesforce",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.003020",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.003125",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for SAP HANA",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.000879",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for SAP S/4 HANA",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001818",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.1.001858",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Sybase ASE",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "5.1.4.000161",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "5.1.4.000162",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Snowflake",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.1.001821",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.1.001856",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Hybrid Data Pipeline Server",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "4.6.2.3309",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.6.2.3430",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Hybrid Data Pipeline JDBC Driver",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "4.6.2.0607",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.6.2.1023",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Hybrid Data Pipeline On Premises Connector",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "4.6.2.1223",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.6.2.1339",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Hybrid Data Pipeline Docker",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "4.6.2.3316",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.6.2.3430",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect OpenAccess JDBC Driver",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "8.1.0.0177",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "8.1.0.0183",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect OpenAccess JDBC Driver",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "9.0.0.0019",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "9.0.0.0022",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Brecht Snijders of Triskele Labs"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion.\u003cbr\u003e\u003cbr\u003eThe SpyAttribute connection option implemented by the DataDirect Connect for JDBC drivers, DataDirect Hybrid Data Pipeline JDBC driver and the DataDirect OpenAccess JDBC driver log=(file) construct allows the user to specify an arbitrary file for the JDBC driver to write its log information to.\u0026nbsp; If an application allows an end user to specify a value for the SpyAttributes connection option then an attacker could cause java script to be written to a log file.\u0026nbsp; If the log file was in the correct location with the correct extension, an application server could see that log file as a resource to be served.\u0026nbsp; The attacker could fetch the resource from the server causing the java script to be executed.\u003cbr\u003e\u003cbr\u003e\u003cp\u003e\n\n\u003c/p\u003e\u003cdiv\u003eThis issue affects:\u003c/div\u003e\u003cdiv\u003e\n\n\u003cdiv\u003eDataDirect Connect for JDBC for Amazon Redshift: through 6.0.0.001392, fixed in 6.0.0.001541\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Apache Cassandra: through 6.0.0.000805, fixed in 6.0.0.000833\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Hive: through 6.0.1.001499, fixed in 6.0.1.001628\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Apache Impala: through 6.0.0.001155, fixed in 6.0.0.001279\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Apache SparkSQL: through 6.0.1.001222, fixed in 6.0.1.001344\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC Autonomous REST Connector: through 6.0.1.006961, fixed in 6.0.1.007063\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for DB2: through 6.0.0.000717, fixed in 6.0.0.000964\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Google Analytics 4: through 6.0.0.000454, fixed in 6.0.0.000525\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Google BigQuery: through 6.0.0.002279, fixed in 6.0.0.002410\u003cbr\u003eDataDirect Connect for JDBC for Greenplum: through 6.0.0.001712, fixed in 6.0.0.001727\u003cbr\u003eDataDirect Connect for JDBC for Informix: through 6.0.0.000690, fixed in 6.0.0.0851\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Microsoft Dynamics 365: through 6.0.0.003161, fixed in 6.0.0.3198\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Microsoft SQLServer: through 6.0.0.001936, fixed in 6.0.0.001957\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Microsoft Sharepoint: through 6.0.0.001559, fixed in 6.0.0.001587\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for MongoDB: through 6.1.0.001654, fixed in 6.1.0.001669\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for MySQL: through 5.1.4.000330, fixed in 5.1.4.000364\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Oracle Database: through 6.0.0.001747, fixed in 6.0.0.001776\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Oracle Eloqua: through 6.0.0.001438, fixed in 6.0.0.001458\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Oracle Sales Cloud: through 6.0.0.001225, fixed in 6.0.0.001316\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Oracle Service Cloud: through 5.1.4.000298, fixed in 5.1.4.000309\u003cbr\u003eDataDirect Connect for JDBC for PostgreSQL: through 6.0.0.001843, fixed in 6.0.0.001856\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Progress OpenEdge: through 5.1.4.000187, fixed in 5.1.4.000189\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Salesforce: through 6.0.0.003020, fixed in 6.0.0.003125\u003cbr\u003eDataDirect Connect for JDBC for SAP HANA: through 6.0.0.000879, product retired\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for SAP S/4 HANA: through 6.0.1.001818, fixed in 6.0.1.001858\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Sybase ASE: through 5.1.4.000161, fixed in 5.1.4.000162\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Snowflake: through 6.0.1.001821, fixed in 6.0.1.001856\u003c/div\u003e\u003cdiv\u003eDataDirect Hybrid Data Pipeline Server: through 4.6.2.3309, fixed in 4.6.2.3430\u003c/div\u003e\u003cdiv\u003eDataDirect Hybrid Data Pipeline JDBC Driver: through 4.6.2.0607, fixed in 4.6.2.1023\u003c/div\u003e\u003cdiv\u003eDataDirect Hybrid Data Pipeline On Premises Connector: through 4.6.2.1223, fixed in 4.6.2.1339\u003cbr\u003eDataDirect Hybrid Data Pipeline Docker: through 4.6.2.3316, fixed in 4.6.2.3430\u003c/div\u003e\u003cdiv\u003eDataDirect OpenAccess JDBC Driver: through 8.1.0.0177, fixed in 8.1.0.0183\u003c/div\u003e\u003cdiv\u003eDataDirect OpenAccess JDBC Driver: through 9.0.0.0019, fixed in 9.0.0.0022\u003c/div\u003e\n\n\u003cbr\u003e\u003c/div\u003e\n\n\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Improper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion.\n\nThe SpyAttribute connection option implemented by the DataDirect Connect for JDBC drivers, DataDirect Hybrid Data Pipeline JDBC driver and the DataDirect OpenAccess JDBC driver log=(file) construct allows the user to specify an arbitrary file for the JDBC driver to write its log information to.\u00a0 If an application allows an end user to specify a value for the SpyAttributes connection option then an attacker could cause java script to be written to a log file.\u00a0 If the log file was in the correct location with the correct extension, an application server could see that log file as a resource to be served.\u00a0 The attacker could fetch the resource from the server causing the java script to be executed.\n\n\n\n\n\nThis issue affects:\n\n\n\nDataDirect Connect for JDBC for Amazon Redshift: through 6.0.0.001392, fixed in 6.0.0.001541\n\nDataDirect Connect for JDBC for Apache Cassandra: through 6.0.0.000805, fixed in 6.0.0.000833\n\nDataDirect Connect for JDBC for Hive: through 6.0.1.001499, fixed in 6.0.1.001628\n\nDataDirect Connect for JDBC for Apache Impala: through 6.0.0.001155, fixed in 6.0.0.001279\n\nDataDirect Connect for JDBC for Apache SparkSQL: through 6.0.1.001222, fixed in 6.0.1.001344\n\nDataDirect Connect for JDBC Autonomous REST Connector: through 6.0.1.006961, fixed in 6.0.1.007063\n\nDataDirect Connect for JDBC for DB2: through 6.0.0.000717, fixed in 6.0.0.000964\n\nDataDirect Connect for JDBC for Google Analytics 4: through 6.0.0.000454, fixed in 6.0.0.000525\n\nDataDirect Connect for JDBC for Google BigQuery: through 6.0.0.002279, fixed in 6.0.0.002410\nDataDirect Connect for JDBC for Greenplum: through 6.0.0.001712, fixed in 6.0.0.001727\nDataDirect Connect for JDBC for Informix: through 6.0.0.000690, fixed in 6.0.0.0851\n\n\nDataDirect Connect for JDBC for Microsoft Dynamics 365: through 6.0.0.003161, fixed in 6.0.0.3198\n\nDataDirect Connect for JDBC for Microsoft SQLServer: through 6.0.0.001936, fixed in 6.0.0.001957\n\nDataDirect Connect for JDBC for Microsoft Sharepoint: through 6.0.0.001559, fixed in 6.0.0.001587\n\nDataDirect Connect for JDBC for MongoDB: through 6.1.0.001654, fixed in 6.1.0.001669\n\nDataDirect Connect for JDBC for MySQL: through 5.1.4.000330, fixed in 5.1.4.000364\n\nDataDirect Connect for JDBC for Oracle Database: through 6.0.0.001747, fixed in 6.0.0.001776\n\nDataDirect Connect for JDBC for Oracle Eloqua: through 6.0.0.001438, fixed in 6.0.0.001458\n\nDataDirect Connect for JDBC for Oracle Sales Cloud: through 6.0.0.001225, fixed in 6.0.0.001316\n\nDataDirect Connect for JDBC for Oracle Service Cloud: through 5.1.4.000298, fixed in 5.1.4.000309\nDataDirect Connect for JDBC for PostgreSQL: through 6.0.0.001843, fixed in 6.0.0.001856\n\n\nDataDirect Connect for JDBC for Progress OpenEdge: through 5.1.4.000187, fixed in 5.1.4.000189\n\nDataDirect Connect for JDBC for Salesforce: through 6.0.0.003020, fixed in 6.0.0.003125\nDataDirect Connect for JDBC for SAP HANA: through 6.0.0.000879, product retired\n\nDataDirect Connect for JDBC for SAP S/4 HANA: through 6.0.1.001818, fixed in 6.0.1.001858\n\nDataDirect Connect for JDBC for Sybase ASE: through 5.1.4.000161, fixed in 5.1.4.000162\n\nDataDirect Connect for JDBC for Snowflake: through 6.0.1.001821, fixed in 6.0.1.001856\n\nDataDirect Hybrid Data Pipeline Server: through 4.6.2.3309, fixed in 4.6.2.3430\n\nDataDirect Hybrid Data Pipeline JDBC Driver: through 4.6.2.0607, fixed in 4.6.2.1023\n\nDataDirect Hybrid Data Pipeline On Premises Connector: through 4.6.2.1223, fixed in 4.6.2.1339\nDataDirect Hybrid Data Pipeline Docker: through 4.6.2.3316, fixed in 4.6.2.3430\n\nDataDirect OpenAccess JDBC Driver: through 8.1.0.0177, fixed in 8.1.0.0183\n\nDataDirect OpenAccess JDBC Driver: through 9.0.0.0019, fixed in 9.0.0.0022"
}
],
"impacts": [
{
"capecId": "CAPEC-253",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-253 Remote Code Inclusion"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T15:47:07.908Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://community.progress.com/s/article/Progress-DataDirect-Critical-Security-Product-Alert-Bulletin-November-2025"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-10703",
"datePublished": "2025-11-19T15:47:07.908Z",
"dateReserved": "2025-09-18T19:40:28.783Z",
"dateUpdated": "2025-11-20T04:55:24.843Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10702 (GCVE-0-2025-10702)
Vulnerability from cvelistv5
Published
2025-11-19 15:46
Modified
2025-11-20 04:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Summary
Improper Control of Generation of Code ('Code Injection') vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion.
The SpyAttribute connection option implemented by the DataDirect Connect for JDBC drivers, DataDirect Hybrid Data Pipeline JDBC driver and the DataDirect OpenAccess JDBC driver supports an undocumented syntax construct for the option value that if discovered can be used by an attacker. If an application allows an end user to specify a value for the SpyAttributes connection option then an attacker can use the undocumented syntax to cause the driver to load an arbitrary class on the class path and execute a constructor on that class.
This issue affects:
DataDirect Connect for JDBC for Amazon Redshift: through 6.0.0.001392, fixed in 6.0.0.001541
DataDirect Connect for JDBC for Apache Cassandra: through 6.0.0.000805, fixed in 6.0.0.000833
DataDirect Connect for JDBC for Hive: through 6.0.1.001499, fixed in 6.0.1.001628
DataDirect Connect for JDBC for Apache Impala: through 6.0.0.001155, fixed in 6.0.0.001279
DataDirect Connect for JDBC for Apache SparkSQL: through 6.0.1.001222, fixed in 6.0.1.001344
DataDirect Connect for JDBC Autonomous REST Connector: through 6.0.1.006961, fixed in 6.0.1.007063
DataDirect Connect for JDBC for DB2: through 6.0.0.000717, fixed in 6.0.0.000964
DataDirect Connect for JDBC for Google Analytics 4: through 6.0.0.000454, fixed in 6.0.0.000525
DataDirect Connect for JDBC for Google BigQuery: through 6.0.0.002279, fixed in 6.0.0.002410
DataDirect Connect for JDBC for Greenplum: through 6.0.0.001712, fixed in 6.0.0.001727
DataDirect Connect for JDBC for Informix: through 6.0.0.000690, fixed in 6.0.0.0851
DataDirect Connect for JDBC for Microsoft Dynamics 365: through 6.0.0.003161, fixed in 6.0.0.3198
DataDirect Connect for JDBC for Microsoft SQLServer: through 6.0.0.001936, fixed in 6.0.0.001957
DataDirect Connect for JDBC for Microsoft Sharepoint: through 6.0.0.001559, fixed in 6.0.0.001587
DataDirect Connect for JDBC for MongoDB: through 6.1.0.001654, fixed in 6.1.0.001669
DataDirect Connect for JDBC for MySQL: through 5.1.4.000330, fixed in 5.1.4.000364
DataDirect Connect for JDBC for Oracle Database: through 6.0.0.001747, fixed in 6.0.0.001776
DataDirect Connect for JDBC for Oracle Eloqua: through 6.0.0.001438, fixed in 6.0.0.001458
DataDirect Connect for JDBC for Oracle Sales Cloud: through 6.0.0.001225, fixed in 6.0.0.001316
DataDirect Connect for JDBC for Oracle Service Cloud: through 5.1.4.000298, fixed in 5.1.4.000309
DataDirect Connect for JDBC for PostgreSQL: through 6.0.0.001843, fixed in 6.0.0.001856
DataDirect Connect for JDBC for Progress OpenEdge: through 5.1.4.000187, fixed in 5.1.4.000189
DataDirect Connect for JDBC for Salesforce: through 6.0.0.003020, fixed in 6.0.0.003125
DataDirect Connect for JDBC for SAP HANA: through 6.0.0.000879, product retired
DataDirect Connect for JDBC for SAP S/4 HANA: through 6.0.1.001818, fixed in 6.0.1.001858
DataDirect Connect for JDBC for Sybase ASE: through 5.1.4.000161, fixed in 5.1.4.000162
DataDirect Connect for JDBC for Snowflake: through 6.0.1.001821, fixed in 6.0.1.001856
DataDirect Hybrid Data Pipeline Server: through 4.6.2.3309, fixed in 4.6.2.3430
DataDirect Hybrid Data Pipeline JDBC Driver: through 4.6.2.0607, fixed in 4.6.2.1023
DataDirect Hybrid Data Pipeline On Premises Connector: through 4.6.2.1223, fixed in 4.6.2.1339
DataDirect Hybrid Data Pipeline Docker: through 4.6.2.3316, fixed in 4.6.2.3430
DataDirect OpenAccess JDBC Driver: through 8.1.0.0177, fixed in 8.1.0.0183
DataDirect OpenAccess JDBC Driver: through 9.0.0.0019, fixed in 9.0.0.0022
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Progress | DataDirect Connect for JDBC for Amazon Redshift |
Version: 0 < Patch: 6.0.0.001541 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10702",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-19T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T04:55:24.080Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Amazon Redshift",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001392",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001541",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Apache Cassandra",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.000805",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.000833",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Hive",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.1.001499",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.1.001628",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Apache Impala",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001155",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.1279",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Apache SparkSQL",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.1.001222",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.1.001344",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC Autonomous REST Connector",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.1.006961",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.1.007063",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for DB2",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.000717",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.000964",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Google Analytics 4",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.000454",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.000525"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Google BigQuery",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.002279",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.002410",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Greenplum",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001712",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001727",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Informix",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.000690",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.000851",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Microsoft Dynamics 365",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.003161",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.003198",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Microsoft SQLServer",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001936",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001957",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Microsoft Sharepoint",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001559",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001587",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for MongoDB",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.1.0.001654",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.1.0.001669",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for MySQL",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "5.1.4.000330",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "5.1.4.000364",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Oracle Database",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001747",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001776",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Oracle Eloqua",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001438",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001458",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Oracle Sales Cloud",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001225",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001316",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Oracle Service Cloud",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "5.1.4.000298",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "5.1.4.000309",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for PostgreSQL",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.001843",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.001856",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Progress OpenEdge",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "5.1.4.000187",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "5.1.4.000189",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Salesforce",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.003020",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.0.003125",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for SAP HANA",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.0.000879",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for SAP S/4 HANA",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.1.001818",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.1.001858",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Sybase ASE",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "5.1.4.000161",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "5.1.4.000162",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Connect for JDBC for Snowflake",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "6.0.1.001821",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.0.1.001856",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Hybrid Data Pipeline Server",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "4.6.2.3309",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.6.2.3430",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Hybrid Data Pipeline JDBC Driver",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "4.6.2.0607",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.6.2.1023",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Hybrid Data Pipeline On Premises Connector",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "4.6.2.1223",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.6.2.1339",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect Hybrid Data Pipeline Docker",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "4.6.2.3316",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.6.2.3430",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect OpenAccess JDBC Driver",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "8.1.0.0177",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "8.1.0.0183",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DataDirect OpenAccess JDBC Driver",
"vendor": "Progress",
"versions": [
{
"lessThanOrEqual": "9.0.0.0019",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "9.0.0.0022",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Brecht Snijders of Triskele Labs"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003eImproper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion.\u003c/div\u003e\u003cbr\u003e\u003cdiv\u003eThe SpyAttribute connection option implemented by the DataDirect Connect for JDBC drivers, DataDirect Hybrid Data Pipeline JDBC driver and the DataDirect OpenAccess JDBC driver supports an undocumented syntax construct for the option value that if discovered can be used by an attacker. If an application allows an end user to specify a value for the SpyAttributes connection option then an attacker can use the undocumented syntax to cause the driver to load an arbitrary class on the class path and execute a constructor on that class. \u0026nbsp;\u003c/div\u003e\u003cbr\u003e\u003cdiv\u003eThis issue affects:\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Amazon Redshift: through 6.0.0.001392, fixed in 6.0.0.001541\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Apache Cassandra: through 6.0.0.000805, fixed in 6.0.0.000833\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Hive: through 6.0.1.001499, fixed in 6.0.1.001628\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Apache Impala: through 6.0.0.001155, fixed in 6.0.0.001279\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Apache SparkSQL: through 6.0.1.001222, fixed in 6.0.1.001344\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC Autonomous REST Connector: through 6.0.1.006961, fixed in 6.0.1.007063\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for DB2: through 6.0.0.000717, fixed in 6.0.0.000964\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Google Analytics 4: through 6.0.0.000454, fixed in 6.0.0.000525\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Google BigQuery: through 6.0.0.002279, fixed in 6.0.0.002410\u003cbr\u003eDataDirect Connect for JDBC for Greenplum: through 6.0.0.001712, fixed in 6.0.0.001727\u003cbr\u003eDataDirect Connect for JDBC for Informix: through 6.0.0.000690, fixed in 6.0.0.0851\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Microsoft Dynamics 365: through 6.0.0.003161, fixed in 6.0.0.3198\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Microsoft SQLServer: through 6.0.0.001936, fixed in 6.0.0.001957\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Microsoft Sharepoint: through 6.0.0.001559, fixed in 6.0.0.001587\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for MongoDB: through 6.1.0.001654, fixed in 6.1.0.001669\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for MySQL: through 5.1.4.000330, fixed in 5.1.4.000364\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Oracle Database: through 6.0.0.001747, fixed in 6.0.0.001776\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Oracle Eloqua: through 6.0.0.001438, fixed in 6.0.0.001458\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Oracle Sales Cloud: through 6.0.0.001225, fixed in 6.0.0.001316\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Oracle Service Cloud: through 5.1.4.000298, fixed in 5.1.4.000309\u003cbr\u003eDataDirect Connect for JDBC for PostgreSQL: through 6.0.0.001843, fixed in 6.0.0.001856\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Progress OpenEdge: through 5.1.4.000187, fixed in 5.1.4.000189\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Salesforce: through 6.0.0.003020, fixed in 6.0.0.003125\u003cbr\u003eDataDirect Connect for JDBC for SAP HANA: through 6.0.0.000879, product retired\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for SAP S/4 HANA: through 6.0.1.001818, fixed in 6.0.1.001858\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Sybase ASE: through 5.1.4.000161, fixed in 5.1.4.000162\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Snowflake: through 6.0.1.001821, fixed in 6.0.1.001856\u003c/div\u003e\u003cdiv\u003eDataDirect Hybrid Data Pipeline Server: through 4.6.2.3309, fixed in 4.6.2.3430\u003c/div\u003e\u003cdiv\u003eDataDirect Hybrid Data Pipeline JDBC Driver: through 4.6.2.0607, fixed in 4.6.2.1023\u003c/div\u003e\u003cdiv\u003eDataDirect Hybrid Data Pipeline On Premises Connector: through 4.6.2.1223, fixed in 4.6.2.1339\u003cbr\u003eDataDirect Hybrid Data Pipeline Docker: through 4.6.2.3316, fixed in 4.6.2.3430\u003c/div\u003e\u003cdiv\u003eDataDirect OpenAccess JDBC Driver: through 8.1.0.0177, fixed in 8.1.0.0183\u003c/div\u003e\u003cdiv\u003eDataDirect OpenAccess JDBC Driver: through 9.0.0.0019, fixed in 9.0.0.0022\u003c/div\u003e\u003c/div\u003e\n\n\u003cbr\u003e"
}
],
"value": "Improper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion.\n\n\nThe SpyAttribute connection option implemented by the DataDirect Connect for JDBC drivers, DataDirect Hybrid Data Pipeline JDBC driver and the DataDirect OpenAccess JDBC driver supports an undocumented syntax construct for the option value that if discovered can be used by an attacker. If an application allows an end user to specify a value for the SpyAttributes connection option then an attacker can use the undocumented syntax to cause the driver to load an arbitrary class on the class path and execute a constructor on that class. \u00a0\n\n\nThis issue affects:\n\nDataDirect Connect for JDBC for Amazon Redshift: through 6.0.0.001392, fixed in 6.0.0.001541\n\nDataDirect Connect for JDBC for Apache Cassandra: through 6.0.0.000805, fixed in 6.0.0.000833\n\nDataDirect Connect for JDBC for Hive: through 6.0.1.001499, fixed in 6.0.1.001628\n\nDataDirect Connect for JDBC for Apache Impala: through 6.0.0.001155, fixed in 6.0.0.001279\n\nDataDirect Connect for JDBC for Apache SparkSQL: through 6.0.1.001222, fixed in 6.0.1.001344\n\nDataDirect Connect for JDBC Autonomous REST Connector: through 6.0.1.006961, fixed in 6.0.1.007063\n\nDataDirect Connect for JDBC for DB2: through 6.0.0.000717, fixed in 6.0.0.000964\n\nDataDirect Connect for JDBC for Google Analytics 4: through 6.0.0.000454, fixed in 6.0.0.000525\n\nDataDirect Connect for JDBC for Google BigQuery: through 6.0.0.002279, fixed in 6.0.0.002410\nDataDirect Connect for JDBC for Greenplum: through 6.0.0.001712, fixed in 6.0.0.001727\nDataDirect Connect for JDBC for Informix: through 6.0.0.000690, fixed in 6.0.0.0851\n\n\nDataDirect Connect for JDBC for Microsoft Dynamics 365: through 6.0.0.003161, fixed in 6.0.0.3198\n\nDataDirect Connect for JDBC for Microsoft SQLServer: through 6.0.0.001936, fixed in 6.0.0.001957\n\nDataDirect Connect for JDBC for Microsoft Sharepoint: through 6.0.0.001559, fixed in 6.0.0.001587\n\nDataDirect Connect for JDBC for MongoDB: through 6.1.0.001654, fixed in 6.1.0.001669\n\nDataDirect Connect for JDBC for MySQL: through 5.1.4.000330, fixed in 5.1.4.000364\n\nDataDirect Connect for JDBC for Oracle Database: through 6.0.0.001747, fixed in 6.0.0.001776\n\nDataDirect Connect for JDBC for Oracle Eloqua: through 6.0.0.001438, fixed in 6.0.0.001458\n\nDataDirect Connect for JDBC for Oracle Sales Cloud: through 6.0.0.001225, fixed in 6.0.0.001316\n\nDataDirect Connect for JDBC for Oracle Service Cloud: through 5.1.4.000298, fixed in 5.1.4.000309\nDataDirect Connect for JDBC for PostgreSQL: through 6.0.0.001843, fixed in 6.0.0.001856\n\nDataDirect Connect for JDBC for Progress OpenEdge: through 5.1.4.000187, fixed in 5.1.4.000189\n\nDataDirect Connect for JDBC for Salesforce: through 6.0.0.003020, fixed in 6.0.0.003125\nDataDirect Connect for JDBC for SAP HANA: through 6.0.0.000879, product retired\n\nDataDirect Connect for JDBC for SAP S/4 HANA: through 6.0.1.001818, fixed in 6.0.1.001858\n\nDataDirect Connect for JDBC for Sybase ASE: through 5.1.4.000161, fixed in 5.1.4.000162\n\nDataDirect Connect for JDBC for Snowflake: through 6.0.1.001821, fixed in 6.0.1.001856\n\nDataDirect Hybrid Data Pipeline Server: through 4.6.2.3309, fixed in 4.6.2.3430\n\nDataDirect Hybrid Data Pipeline JDBC Driver: through 4.6.2.0607, fixed in 4.6.2.1023\n\nDataDirect Hybrid Data Pipeline On Premises Connector: through 4.6.2.1223, fixed in 4.6.2.1339\nDataDirect Hybrid Data Pipeline Docker: through 4.6.2.3316, fixed in 4.6.2.3430\n\nDataDirect OpenAccess JDBC Driver: through 8.1.0.0177, fixed in 8.1.0.0183\n\nDataDirect OpenAccess JDBC Driver: through 9.0.0.0019, fixed in 9.0.0.0022"
}
],
"impacts": [
{
"capecId": "CAPEC-253",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-253 Remote Code Inclusion"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T15:46:26.699Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://community.progress.com/s/article/Progress-DataDirect-Critical-Security-Product-Alert-Bulletin-November-2025"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-10702",
"datePublished": "2025-11-19T15:46:26.699Z",
"dateReserved": "2025-09-18T19:40:24.114Z",
"dateUpdated": "2025-11-20T04:55:24.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10932 (GCVE-0-2025-10932)
Vulnerability from cvelistv5
Published
2025-10-29 14:12
Modified
2025-10-29 14:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-400 - Uncontrolled Resource Consumption
Summary
Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer (AS2 module).This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.3, from 2024.1.0 before 2024.1.7, from 2023.1.0 before 2023.1.16.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress | MOVEit Transfer |
Version: 2025.0.0 ≤ Version: 2024.1.0 ≤ Version: 2023.1.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10932",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-29T14:32:20.694306Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T14:33:14.601Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"AS2"
],
"product": "MOVEit Transfer",
"vendor": "Progress",
"versions": [
{
"lessThan": "2025.0.3",
"status": "affected",
"version": "2025.0.0",
"versionType": "semver"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024.1.0",
"versionType": "semver"
},
{
"lessThan": "2023.1.16",
"status": "affected",
"version": "2023.1.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer (AS2 module).\u003cp\u003eThis issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.3, from 2024.1.0 before 2024.1.7, from 2023.1.0 before 2023.1.16.\u003c/p\u003e"
}
],
"value": "Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer (AS2 module).This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.3, from 2024.1.0 before 2024.1.7, from 2023.1.0 before 2023.1.16."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T14:12:33.439Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://community.progress.com/s/article/MOVEit-Transfer-Vulnerability-CVE-2025-10932-October-29-2025"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "AS2 module allows uncontrolled file uploads",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-10932",
"datePublished": "2025-10-29T14:12:33.439Z",
"dateReserved": "2025-09-24T17:13:32.630Z",
"dateUpdated": "2025-10-29T14:33:14.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-7840 (GCVE-0-2024-7840)
Vulnerability from cvelistv5
Published
2024-10-09 14:41
Modified
2025-11-03 19:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Summary
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a command injection attack is possible through improper neutralization of hyperlink elements.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Telerik Reporting |
Version: 18.2.24.806 < 18.2.24.924 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:progress:telerik_reporting:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "telerik_reporting",
"vendor": "progress",
"versions": [
{
"lessThan": "18.2.24.924",
"status": "affected",
"version": "18.2.24.806",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7840",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T16:15:28.274791Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T16:26:04.365Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:34:43.663Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250425-0004/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Telerik Reporting",
"vendor": "Progress Software",
"versions": [
{
"lessThan": "18.2.24.924",
"status": "affected",
"version": "18.2.24.806",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a command injection attack is possible through improper neutralization of hyperlink elements."
}
],
"value": "In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a command injection attack is possible through improper neutralization of hyperlink elements."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T14:57:12.659Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://docs.telerik.com/reporting/knowledge-base/command-injection-cve-2024-7840"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper neutralization special element in hyperlinks",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2024-7840",
"datePublished": "2024-10-09T14:41:40.048Z",
"dateReserved": "2024-08-15T14:49:50.454Z",
"dateUpdated": "2025-11-03T19:34:43.663Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-8048 (GCVE-0-2024-8048)
Vulnerability from cvelistv5
Published
2024-10-09 14:18
Modified
2025-11-03 19:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-470 - Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
Summary
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible using object injection via insecure expression evaluation.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Telerik Reporting |
Version: 18.2.24.806 < 18.2.24.924 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:progress_software:telerik_reporting:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "telerik_reporting",
"vendor": "progress_software",
"versions": [
{
"lessThan": "18.2.24.924",
"status": "affected",
"version": "18.2.24.806",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8048",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T16:01:30.452924Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T16:02:57.533Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:34:46.500Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250425-0004/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Standalone Desktop Report Designer"
],
"platforms": [
"Windows"
],
"product": "Telerik Reporting",
"vendor": "Progress Software",
"versions": [
{
"lessThan": "18.2.24.924",
"status": "affected",
"version": "18.2.24.806",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Markus Wulftange with CODE WHITE GmbH."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible using object injection via insecure expression evaluation.\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible using object injection via insecure expression evaluation."
}
],
"impacts": [
{
"capecId": "CAPEC-586",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-586 Object Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-470",
"description": "CWE-470 Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T14:18:56.968Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"url": "https://docs.telerik.com/reporting/knowledge-base/insecure-expression-evaluation-cve-2024-8048"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Telerik Reporting Insecure Expression Evaluation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2024-8048",
"datePublished": "2024-10-09T14:18:56.968Z",
"dateReserved": "2024-08-21T17:18:57.546Z",
"dateUpdated": "2025-11-03T19:34:46.500Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-8014 (GCVE-0-2024-8014)
Vulnerability from cvelistv5
Published
2024-10-09 14:16
Modified
2025-11-03 19:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-470 - Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
Summary
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible through object injection via an insecure type resolution vulnerability.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Telerik Reporting |
Version: 18.2.24.806 < 18.2.24.924 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:progress_software:telerik_reporting:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "telerik_reporting",
"vendor": "progress_software",
"versions": [
{
"lessThan": "18.2.24.924",
"status": "affected",
"version": "18.2.24.806",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8014",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T16:04:54.577886Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T16:05:56.794Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:34:45.119Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250425-0004/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Telerik Reporting",
"vendor": "Progress Software",
"versions": [
{
"lessThan": "18.2.24.924",
"status": "affected",
"version": "18.2.24.806",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Markus Wulftange with CODE WHITE GmbH."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible through object injection via an insecure type resolution vulnerability.\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible through object injection via an insecure type resolution vulnerability."
}
],
"impacts": [
{
"capecId": "CAPEC-586",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-586 Object Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-470",
"description": "CWE-470 Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T14:16:33.764Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://docs.telerik.com/reporting/knowledge-base/insecure-type-resolution-cve-2024-8014"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Telerik Reporting EntityDataSource Insecure Type Resolution",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2024-8014",
"datePublished": "2024-10-09T14:16:33.764Z",
"dateReserved": "2024-08-20T16:06:14.930Z",
"dateUpdated": "2025-11-03T19:34:45.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-6670 (GCVE-0-2024-6670)
Vulnerability from cvelistv5
Published
2024-08-29 22:04
Modified
2025-10-21 22:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Summary
In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software Corporation | WhatsUp Gold |
Version: 2023.1.0 ≤ |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:progress:whatsupgold:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "whatsupgold",
"vendor": "progress",
"versions": [
{
"lessThan": "2024.0.0",
"status": "affected",
"version": "2023.1.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6670",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T22:06:14.229470Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-09-16",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-6670"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:46.285Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-6670"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-09-16T00:00:00+00:00",
"value": "CVE-2024-6670 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"API Endpoint"
],
"platforms": [
"Windows"
],
"product": "WhatsUp Gold",
"vendor": "Progress Software Corporation",
"versions": [
{
"lessThan": "2024.0.0",
"status": "affected",
"version": "2023.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) working with Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In WhatsUp Gold versions released before 2024.0.0,\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003ea SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password.\u003c/span\u003e"
}
],
"value": "In WhatsUp Gold versions released before 2024.0.0,\u00a0a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T22:04:41.139Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"product"
],
"url": "https://www.progress.com/network-monitoring"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-August-2024"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "WhatsUp Gold HasErrors SQL Injection Authentication Bypass Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2024-6670",
"datePublished": "2024-08-29T22:04:41.139Z",
"dateReserved": "2024-07-10T19:45:27.069Z",
"dateUpdated": "2025-10-21T22:55:46.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-4885 (GCVE-0-2024-4885)
Vulnerability from cvelistv5
Published
2024-06-25 19:48
Modified
2025-10-21 22:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold. The
WhatsUp.ExportUtilities.Export.GetFileWithoutZip
allows execution of commands with iisapppool\nmconsole privileges.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software Corporation | WhatsUp Gold |
Version: 2023.1.0 ≤ |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:progress:whatsup_gold:2023.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "whatsup_gold",
"vendor": "progress",
"versions": [
{
"lessThan": "2023.1.3",
"status": "affected",
"version": "2023.1.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4885",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-03T20:12:05.609998Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-03-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4885"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:56:21.609Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4885"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-03T00:00:00+00:00",
"value": "CVE-2024-4885 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:55:10.084Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"product",
"x_transferred"
],
"url": "https://www.progress.com/network-monitoring"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"API Endpoint"
],
"platforms": [
"Windows"
],
"product": "WhatsUp Gold",
"vendor": "Progress Software Corporation",
"versions": [
{
"lessThan": "2023.1.3",
"status": "affected",
"version": "2023.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) working with Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In WhatsUp Gold versions released before 2023.1.3,\u003cspan style=\"background-color: rgba(161, 189, 217, 0.08);\"\u003e\u0026nbsp;an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold.\u0026nbsp;\u0026nbsp;T\u003cspan style=\"background-color: rgba(161, 189, 217, 0.08);\"\u003ehe \u003c/span\u003e\u003ccode\u003e\n\nWhatsUp.ExportUtilities.Export.GetFileWithoutZip\n\n\u003c/code\u003e\n\n allows execution of commands with \u003c/span\u003e\u003ccode\u003eiisapppool\\nmconsole\u003c/code\u003e\u003cspan style=\"background-color: rgba(161, 189, 217, 0.08);\"\u003e privileges.\u003c/span\u003e"
}
],
"value": "In WhatsUp Gold versions released before 2023.1.3,\u00a0an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold.\u00a0\u00a0The \n\nWhatsUp.ExportUtilities.Export.GetFileWithoutZip\n\n\n\n allows execution of commands with iisapppool\\nmconsole privileges."
}
],
"impacts": [
{
"capecId": "CAPEC-113",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-113 API Manipulation"
}
]
},
{
"capecId": "CAPEC-562",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-562 Modify Shared File"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-25T19:48:15.268Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"product"
],
"url": "https://www.progress.com/network-monitoring"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "WhatsUp Gold GetFileWithoutZip Directory Traversal Remote Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2024-4885",
"datePublished": "2024-06-25T19:48:15.268Z",
"dateReserved": "2024-05-14T18:28:11.852Z",
"dateUpdated": "2025-10-21T22:56:21.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-1212 (GCVE-0-2024-1212)
Vulnerability from cvelistv5
Published
2024-02-21 17:39
Modified
2025-10-21 23:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | LoadMaster |
Version: 7.2.48.1 ≤ Version: 7.2.54.0 ≤ Version: 7.2.55.0 ≤ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:33:24.842Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"product",
"x_transferred"
],
"url": "https://kemptechnologies.com/"
},
{
"tags": [
"product",
"x_transferred"
],
"url": "https://freeloadbalancer.com/"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://support.kemptechnologies.com/hc/en-us/articles/24325072850573-Release-Notice-LMOS-7-2-59-2-7-2-54-8-7-2-48-10-CVE-2024-1212"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://support.kemptechnologies.com/hc/en-us/articles/23878931058445-LoadMaster-Security-Vulnerability-CVE-2024-1212"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:kemptechnologies:loadmaster:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "loadmaster",
"vendor": "kemptechnologies",
"versions": [
{
"lessThan": "7.2.48.10",
"status": "affected",
"version": "7.2.48.1",
"versionType": "custom"
},
{
"lessThan": "7.2.54.8",
"status": "affected",
"version": "7.2.54.0",
"versionType": "custom"
},
{
"lessThan": "7.2.59.2",
"status": "affected",
"version": "7.2.55.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:kemptechnologies:loadmaster:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "loadmaster",
"vendor": "kemptechnologies",
"versions": [
{
"lessThan": "7.2.48.10",
"status": "affected",
"version": "7.2.48.1",
"versionType": "custom"
},
{
"lessThan": "7.2.54.8",
"status": "affected",
"version": "7.2.54.0",
"versionType": "custom"
},
{
"lessThan": "7.2.59.2",
"status": "affected",
"version": "7.2.55.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:kemptechnologies:loadmaster:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "loadmaster",
"vendor": "kemptechnologies",
"versions": [
{
"lessThan": "7.2.48.10",
"status": "affected",
"version": "7.2.48.1",
"versionType": "custom"
},
{
"lessThan": "7.2.54.8",
"status": "affected",
"version": "7.2.54.0",
"versionType": "custom"
},
{
"lessThan": "7.2.59.2",
"status": "affected",
"version": "7.2.55.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1212",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T04:55:44.568916Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-11-18",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-1212"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:23.864Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-1212"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-18T00:00:00+00:00",
"value": "CVE-2024-1212 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"LoadMaster Management Interface"
],
"platforms": [
"Linux"
],
"product": "LoadMaster",
"vendor": "Progress Software",
"versions": [
{
"lessThan": "7.2.48.10",
"status": "affected",
"version": "7.2.48.1",
"versionType": "semver"
},
{
"lessThan": "7.2.54.8",
"status": "affected",
"version": "7.2.54.0",
"versionType": "semver"
},
{
"lessThan": "7.2.59.2",
"status": "affected",
"version": "7.2.55.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Rhino Security Labs"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.\n\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-113",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-113 API Manipulation"
}
]
},
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
},
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-21T20:45:42.781Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"product"
],
"url": "https://kemptechnologies.com/"
},
{
"tags": [
"product"
],
"url": "https://freeloadbalancer.com/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://support.kemptechnologies.com/hc/en-us/articles/24325072850573-Release-Notice-LMOS-7-2-59-2-7-2-54-8-7-2-48-10-CVE-2024-1212"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://support.kemptechnologies.com/hc/en-us/articles/23878931058445-LoadMaster-Security-Vulnerability-CVE-2024-1212"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "LoadMaster Pre-Authenticated OS Command Injection",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2024-1212",
"datePublished": "2024-02-21T17:39:12.599Z",
"dateReserved": "2024-02-02T18:16:01.280Z",
"dateUpdated": "2025-10-21T23:05:23.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40044 (GCVE-0-2023-40044)
Vulnerability from cvelistv5
Published
2023-09-27 14:48
Modified
2025-10-21 23:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-502 - Deserialization of Untrusted Data
Summary
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system.
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software Corporation | WS_FTP Server |
Version: 8.8.0 ≤ Version: 8.7.0 ≤ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:24:54.913Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"product",
"x_transferred"
],
"url": "https://www.progress.com/ws_ftp"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.theregister.com/2023/10/02/ws_ftp_update/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.rapid7.com/blog/post/2023/09/29/etr-critical-vulnerabilities-in-ws_ftp-server/"
},
{
"tags": [
"x_transferred"
],
"url": "https://attackerkb.com/topics/bn32f9sNax/cve-2023-40044"
},
{
"tags": [
"x_transferred"
],
"url": "https://censys.com/cve-2023-40044/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.assetnote.io/resources/research/rce-in-progress-ws-ftp-ad-hoc-via-iis-http-modules-cve-2023-40044"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/174917/Progress-Software-WS_FTP-Unauthenticated-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40044",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-03T16:29:04.428335Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-10-05",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-40044"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:36.645Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-40044"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-05T00:00:00+00:00",
"value": "CVE-2023-40044 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"Ad Hoc Transfer Module"
],
"product": "WS_FTP Server",
"vendor": "Progress Software Corporation",
"versions": [
{
"lessThan": "8.8.2",
"status": "affected",
"version": "8.8.0",
"versionType": "semver"
},
{
"lessThan": "8.7.4",
"status": "affected",
"version": "8.7.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Shubham Shah - Assetnote"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sean Yeoh - Assetnote"
}
],
"datePublic": "2023-09-27T14:47:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn WS_FTP Server versions prior to 8.7.4 and 8.8.2\u003c/span\u003e, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system.\u0026nbsp;\u0026nbsp;\u003c/p\u003e"
}
],
"value": "In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system."
}
],
"impacts": [
{
"capecId": "CAPEC-586",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-586 Object Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-04T16:06:10.768Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"product"
],
"url": "https://www.progress.com/ws_ftp"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023"
},
{
"url": "https://www.theregister.com/2023/10/02/ws_ftp_update/"
},
{
"url": "https://www.rapid7.com/blog/post/2023/09/29/etr-critical-vulnerabilities-in-ws_ftp-server/"
},
{
"url": "https://attackerkb.com/topics/bn32f9sNax/cve-2023-40044"
},
{
"url": "https://censys.com/cve-2023-40044/"
},
{
"url": "https://www.assetnote.io/resources/research/rce-in-progress-ws-ftp-ad-hoc-via-iis-http-modules-cve-2023-40044"
},
{
"url": "http://packetstormsecurity.com/files/174917/Progress-Software-WS_FTP-Unauthenticated-Remote-Code-Execution.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "WS_FTP Server Ad Hoc Transfer Module .NET Deserialization Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2023-40044",
"datePublished": "2023-09-27T14:48:08.190Z",
"dateReserved": "2023-08-08T19:44:41.112Z",
"dateUpdated": "2025-10-21T23:05:36.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-34362 (GCVE-0-2023-34362)
Vulnerability from cvelistv5
Published
2023-06-02 00:00
Modified
2025-10-21 23:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, and execute SQL statements that alter or delete database elements. NOTE: this is exploited in the wild in May and June 2023; exploitation of unpatched systems can occur via HTTP or HTTPS. All versions (e.g., 2020.0 and 2019x) before the five explicitly mentioned versions are affected, including older unsupported versions.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:progress:moveit_transfer:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "moveit_transfer",
"vendor": "progress",
"versions": [
{
"lessThan": "2020.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:progress:moveit_transfer:2020.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "moveit_transfer",
"vendor": "progress",
"versions": [
{
"status": "affected",
"version": "2020.1"
}
]
},
{
"cpes": [
"cpe:2.3:a:progress:moveit_transfer:2021.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "moveit_transfer",
"vendor": "progress",
"versions": [
{
"lessThan": "2021.0.7",
"status": "affected",
"version": "2021.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:progress:moveit_transfer:2021.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "moveit_transfer",
"vendor": "progress",
"versions": [
{
"lessThan": "2021.1.5",
"status": "affected",
"version": "2021.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:progress:moveit_transfer:2022.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "moveit_transfer",
"vendor": "progress",
"versions": [
{
"lessThan": "2022.0.5",
"status": "affected",
"version": "2022.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:progress:moveit_transfer:2022.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "moveit_transfer",
"vendor": "progress",
"versions": [
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:progress:moveit_transfer:2023.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "moveit_transfer",
"vendor": "progress",
"versions": [
{
"lessThan": "2023.0.2",
"status": "affected",
"version": "2023.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:progress:moveit_cloud:14.1.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "moveit_cloud",
"vendor": "progress",
"versions": [
{
"lessThanOrEqual": "14.1.6.97",
"status": "affected",
"version": "14.1.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:progress:moveit_cloud:14.0.5.45:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "moveit_cloud",
"vendor": "progress",
"versions": [
{
"status": "affected",
"version": "14.0.5.45"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-34362",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-27T03:55:18.412801Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-06-02",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-34362"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:46.909Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-34362"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-06-02T00:00:00+00:00",
"value": "CVE-2023-34362 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:10:06.378Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-31May2023"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/172883/MOVEit-Transfer-SQL-Injection-Remote-Code-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/173110/MOVEit-SQL-Injection.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer\u0027s database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, and execute SQL statements that alter or delete database elements. NOTE: this is exploited in the wild in May and June 2023; exploitation of unpatched systems can occur via HTTP or HTTPS. All versions (e.g., 2020.0 and 2019x) before the five explicitly mentioned versions are affected, including older unsupported versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-23T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-31May2023"
},
{
"url": "http://packetstormsecurity.com/files/172883/MOVEit-Transfer-SQL-Injection-Remote-Code-Execution.html"
},
{
"url": "http://packetstormsecurity.com/files/173110/MOVEit-SQL-Injection.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-34362",
"datePublished": "2023-06-02T00:00:00.000Z",
"dateReserved": "2023-06-02T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:05:46.909Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-9248 (GCVE-0-2017-9248)
Vulnerability from cvelistv5
Published
2017-07-03 19:00
Modified
2025-10-21 23:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leading to a MachineKey leak, arbitrary file uploads or downloads, XSS, or ASP.NET ViewState compromise.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:02:43.945Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.telerik.com/support/kb/aspnet-ajax/details/cryptographic-weakness"
},
{
"name": "43873",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/43873/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.telerik.com/blogs/security-alert-for-telerik-ui-for-asp.net-ajax-and-progress-sitefinity"
},
{
"name": "99965",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99965"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2017-9248",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T14:09:07.956325Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-9248"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:55:39.141Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-9248"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2017-9248 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-07-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leading to a MachineKey leak, arbitrary file uploads or downloads, XSS, or ASP.NET ViewState compromise."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-27T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.telerik.com/support/kb/aspnet-ajax/details/cryptographic-weakness"
},
{
"name": "43873",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/43873/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.telerik.com/blogs/security-alert-for-telerik-ui-for-asp.net-ajax-and-progress-sitefinity"
},
{
"name": "99965",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99965"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-9248",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leading to a MachineKey leak, arbitrary file uploads or downloads, XSS, or ASP.NET ViewState compromise."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.telerik.com/support/kb/aspnet-ajax/details/cryptographic-weakness",
"refsource": "CONFIRM",
"url": "http://www.telerik.com/support/kb/aspnet-ajax/details/cryptographic-weakness"
},
{
"name": "43873",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43873/"
},
{
"name": "http://www.telerik.com/blogs/security-alert-for-telerik-ui-for-asp.net-ajax-and-progress-sitefinity",
"refsource": "CONFIRM",
"url": "http://www.telerik.com/blogs/security-alert-for-telerik-ui-for-asp.net-ajax-and-progress-sitefinity"
},
{
"name": "99965",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99965"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-9248",
"datePublished": "2017-07-03T19:00:00.000Z",
"dateReserved": "2017-05-28T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:55:39.141Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}