Authentication Bypass by Spoofing (CVE-2024-4358) #shorts #breaking

CVE

This CVE relates to an Authentication Bypass by Spoofing vulnerability. It has existed for approximately 2 months and is not considered a zero-day. It can be exploited using a proof-of-concept tool that chains CVE-2024-4358 and CVE-2024-1800. The main target is Telerik Report Server versions earlier than 10.1.24.514, specifically those running on Internet Information Services (IIS). While the extent of attacks is currently unknown, the primary risk is unauthorized access to restricted functionality within Telerik Report Server: an attacker who bypasses authentication could potentially manipulate or retrieve sensitive information without proper authorization.

Watch the full video on YouTube: CVE-2024-4358


CVE database technical details

CVE ID: CVE-2024-4358
Description: In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability.
Provider: ProgressSoftware
CWE / problem types: CWE-290 Authentication Bypass by Spoofing
Affected software versions: Progress Software Corporation, Telerik Report Server, versions from 1.0.0 up to but not including 10.1.24.514 (semver) are affected.
Date published: 2024-05-29T14:51:21.612Z
Last updated: 2024-08-01T20:40:46.999Z