Vulnerability Details CVE-2024-1801
In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack is possible by a local threat actor through an insecure deserialization vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.2%
CVSS Severity
CVSS v3 Score 7.7
References
- https://docs.telerik.com/reporting/knowledge-base/deserialization-vulnerability-cve-2024-1801-cve-2024-1856
- https://www.telerik.com/products/reporting.aspx
- https://docs.telerik.com/reporting/knowledge-base/deserialization-vulnerability-cve-2024-1801-cve-2024-1856
- https://www.telerik.com/products/reporting.aspx
Products affected by CVE-2024-1801
-
cpe:2.3:a:progress:telerik_reporting:-
-
cpe:2.3:a:progress:telerik_reporting:10.0.16.113
-
cpe:2.3:a:progress:telerik_reporting:10.0.16.204
-
cpe:2.3:a:progress:telerik_reporting:10.1.16.504
-
cpe:2.3:a:progress:telerik_reporting:10.1.16.615
-
cpe:2.3:a:progress:telerik_reporting:10.1.24.514
-
cpe:2.3:a:progress:telerik_reporting:10.2.16.1025
-
cpe:2.3:a:progress:telerik_reporting:10.2.16.914
-
cpe:2.3:a:progress:telerik_reporting:10.2.24.806
-
cpe:2.3:a:progress:telerik_reporting:11.0.17.118
-
cpe:2.3:a:progress:telerik_reporting:11.0.17.222
-
cpe:2.3:a:progress:telerik_reporting:11.0.17.406
-
cpe:2.3:a:progress:telerik_reporting:11.1.17.503
-
cpe:2.3:a:progress:telerik_reporting:11.1.17.614
-
cpe:2.3:a:progress:telerik_reporting:11.2.17.1025
-
cpe:2.3:a:progress:telerik_reporting:11.2.17.913
-
cpe:2.3:a:progress:telerik_reporting:12.0.18.117
-
cpe:2.3:a:progress:telerik_reporting:12.0.18.125
-
cpe:2.3:a:progress:telerik_reporting:12.0.18.227
-
cpe:2.3:a:progress:telerik_reporting:12.0.18.416
-
cpe:2.3:a:progress:telerik_reporting:12.1.18.516
-
cpe:2.3:a:progress:telerik_reporting:12.1.18.620
-
cpe:2.3:a:progress:telerik_reporting:12.2.18.1017
-
cpe:2.3:a:progress:telerik_reporting:12.2.18.1129
-
cpe:2.3:a:progress:telerik_reporting:12.2.18.912
-
cpe:2.3:a:progress:telerik_reporting:13.0.19.116
-
cpe:2.3:a:progress:telerik_reporting:13.0.19.222
-
cpe:2.3:a:progress:telerik_reporting:13.1.19.514
-
cpe:2.3:a:progress:telerik_reporting:13.1.19.618
-
cpe:2.3:a:progress:telerik_reporting:13.2.19.1030
-
cpe:2.3:a:progress:telerik_reporting:13.2.19.918
-
cpe:2.3:a:progress:telerik_reporting:14.0.20.115
-
cpe:2.3:a:progress:telerik_reporting:14.0.20.219
-
cpe:2.3:a:progress:telerik_reporting:14.1.20.513
-
cpe:2.3:a:progress:telerik_reporting:14.1.20.618
-
cpe:2.3:a:progress:telerik_reporting:14.2.20.1021
-
cpe:2.3:a:progress:telerik_reporting:14.2.20.916
-
cpe:2.3:a:progress:telerik_reporting:15.0.21.120
-
cpe:2.3:a:progress:telerik_reporting:15.0.21.224
-
cpe:2.3:a:progress:telerik_reporting:15.0.21.326
-
cpe:2.3:a:progress:telerik_reporting:15.1.21.512
-
cpe:2.3:a:progress:telerik_reporting:15.1.21.616
-
cpe:2.3:a:progress:telerik_reporting:15.2.21.1110
-
cpe:2.3:a:progress:telerik_reporting:15.2.21.1125
-
cpe:2.3:a:progress:telerik_reporting:15.2.21.915
-
cpe:2.3:a:progress:telerik_reporting:16.0.22.119
-
cpe:2.3:a:progress:telerik_reporting:16.0.22.225
-
cpe:2.3:a:progress:telerik_reporting:16.1.22.511
-
cpe:2.3:a:progress:telerik_reporting:16.1.22.622
-
cpe:2.3:a:progress:telerik_reporting:16.2.22.1109
-
cpe:2.3:a:progress:telerik_reporting:16.2.22.914
-
cpe:2.3:a:progress:telerik_reporting:17.0.23.118
-
cpe:2.3:a:progress:telerik_reporting:17.0.23.315
-
cpe:2.3:a:progress:telerik_reporting:17.1.23.606
-
cpe:2.3:a:progress:telerik_reporting:17.1.23.718
-
cpe:2.3:a:progress:telerik_reporting:17.2.23.1010
-
cpe:2.3:a:progress:telerik_reporting:17.2.23.1114
-
cpe:2.3:a:progress:telerik_reporting:8.2.14.1027
-
cpe:2.3:a:progress:telerik_reporting:8.2.14.1204
-
cpe:2.3:a:progress:telerik_reporting:9.0.15.225
-
cpe:2.3:a:progress:telerik_reporting:9.0.15.324
-
cpe:2.3:a:progress:telerik_reporting:9.1.15.624
-
cpe:2.3:a:progress:telerik_reporting:9.1.15.731
-
cpe:2.3:a:progress:telerik_reporting:9.2.15.1105
-
cpe:2.3:a:progress:telerik_reporting:9.2.15.1126
-
cpe:2.3:a:progress:telerik_reporting:9.2.15.930