Описание
In Progress® Telerik® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local network traffic sniffing.
Уязвимые конфигурации
Конфигурация 1Версия до 11.0.25.211 (исключая)
cpe:2.3:a:progress:telerik_report_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.00194
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-319
Связанные уязвимости
CVSS3: 8.8
github
12 месяцев назад
In Progress® Telerik® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local network traffic sniffing.
EPSS
Процентиль: 41%
0.00194
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-319