Local ABL Client bypass of the required PASOE security checks may allow an attacker to commit unauthorized code injection into Multi-Session Agents on supported OpenEdge LTS platforms up to OpenEdge LTS 11.7.18 and LTS 12.2.13 on all supported release platforms
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:HProgress Openedge
APPProgress≤ 11.7.1812.0 – 12.2.13
Related vulnerabilities
Authentication bypass w Progress OpenEdge Authentication Gateway i AdminServer
Dowolne przesyłanie plików w Progress Application Server dla OpenEdge (PASOE)
Insecure default configuration in Progress Software OpenEdge 10.2x and 11.x allows unauthenticated remote atta...
Host name validation for TLS certificates is bypassed when the installed OpenEdge default certificates are use...
An ActiveMQ Discovery service was reachable by default from an OpenEdge Management installation when an OEE/OE...