CVE-2024-1403

Description

In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, 12.8.1 on all platforms supported by the OpenEdge product, an authentication bypass vulnerability has been identified. The vulnerability is a bypass to authentication based on a failure to properly handle username and password. Certain unexpected content passed into the credentials can lead to unauthorized access without proper authentication.

NVD
Severity: N/A
CVE ID: CVE-2024-1403
CVSS Score: N/A
CVSS Metrics: NVD assessment not yet provided.

Progress Software Corporation
Severity: CRITICAL
CVE ID: CVE-2024-1403
CVSS Score: 10.0
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Refrence: NVD MITRE

Proof Of Concept

horizon3ai

Progress OpenEdge Authentication Bypass

Refrence: GitHub

Description​

Proof Of Concept​

Description

Proof Of Concept