Telerik Report Server
Approved changes feed: RSS · Atom
cpe:2.3:a:progress_software:telerik_report_server:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Progress Software (96c4320b-2c72-5331-bd5a-d39d72393793) |
|---|---|
| Product | Telerik Report Server (7f848d9d-2903-5718-ae01-ef1079ace098) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-0556 |
vulnerable | 2026-06-03 14:58:32.417299 |
Telerik Report Server Clear Text Transmission of Agent Commands
HIGH (8.8)
In Progress® Telerik® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local network traffic sniffing.
Published: 2025-02-12T15:11:03.067Z
Updated: 2025-02-12T15:33:35.788Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-4837 |
vulnerable | 2026-06-03 14:57:16.291846 |
Trust Boundary Violation Vulnerability
MEDIUM (5.3)
In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via a trust boundary violation vulnerability.
Published: 2024-05-15T17:04:05.705Z
Updated: 2024-08-01T20:55:09.990Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-4357 |
vulnerable | 2026-06-03 14:57:15.283476 |
XML External Entity Processing Information Disclosure
MEDIUM (6.5)
An information disclosure vulnerability exists in Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, allows low-privilege attacker to read systems file via XML External Entity Processing.
Published: 2024-05-15T16:58:31.306Z
Updated: 2024-08-01T20:40:46.481Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.