Vulnerability Details CVE-2025-0556
In Progress® Telerik® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local network traffic sniffing.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.6%
CVSS Severity
CVSS v3 Score 8.8
Products affected by CVE-2025-0556
-
cpe:2.3:a:progress:telerik_report_server:-
-
cpe:2.3:a:progress:telerik_report_server:1.0.0
-
cpe:2.3:a:progress:telerik_report_server:1.1.15.624
-
cpe:2.3:a:progress:telerik_report_server:1.2.15.1106
-
cpe:2.3:a:progress:telerik_report_server:1.2.15.930
-
cpe:2.3:a:progress:telerik_report_server:10.0.24.130
-
cpe:2.3:a:progress:telerik_report_server:10.0.24.305
-
cpe:2.3:a:progress:telerik_report_server:10.1.24.514
-
cpe:2.3:a:progress:telerik_report_server:10.1.24.709
-
cpe:2.3:a:progress:telerik_report_server:10.2.16.1025
-
cpe:2.3:a:progress:telerik_report_server:10.2.24.806
-
cpe:2.3:a:progress:telerik_report_server:10.2.24.924
-
cpe:2.3:a:progress:telerik_report_server:10.3.24.1112
-
cpe:2.3:a:progress:telerik_report_server:10.3.24.1218
-
cpe:2.3:a:progress:telerik_report_server:2.0.16.113
-
cpe:2.3:a:progress:telerik_report_server:2.0.16.204
-
cpe:2.3:a:progress:telerik_report_server:2.1.16.504
-
cpe:2.3:a:progress:telerik_report_server:2.1.16.615
-
cpe:2.3:a:progress:telerik_report_server:2.2.16.914
-
cpe:2.3:a:progress:telerik_report_server:3.0.17.301
-
cpe:2.3:a:progress:telerik_report_server:3.0.17.406
-
cpe:2.3:a:progress:telerik_report_server:3.1.17.503
-
cpe:2.3:a:progress:telerik_report_server:3.1.17.614
-
cpe:2.3:a:progress:telerik_report_server:3.2.17.1025
-
cpe:2.3:a:progress:telerik_report_server:3.2.17.913
-
cpe:2.3:a:progress:telerik_report_server:4.0.18.117
-
cpe:2.3:a:progress:telerik_report_server:4.0.18.125
-
cpe:2.3:a:progress:telerik_report_server:4.0.18.227
-
cpe:2.3:a:progress:telerik_report_server:4.0.18.417
-
cpe:2.3:a:progress:telerik_report_server:4.1.18.516
-
cpe:2.3:a:progress:telerik_report_server:4.1.18.620
-
cpe:2.3:a:progress:telerik_report_server:4.2.18.1017
-
cpe:2.3:a:progress:telerik_report_server:4.2.18.1129
-
cpe:2.3:a:progress:telerik_report_server:4.2.18.912
-
cpe:2.3:a:progress:telerik_report_server:5.0.19.116
-
cpe:2.3:a:progress:telerik_report_server:5.0.19.222
-
cpe:2.3:a:progress:telerik_report_server:5.1.19.514
-
cpe:2.3:a:progress:telerik_report_server:5.1.19.618
-
cpe:2.3:a:progress:telerik_report_server:5.2.19.1030
-
cpe:2.3:a:progress:telerik_report_server:5.2.19.918
-
cpe:2.3:a:progress:telerik_report_server:6.0.20.115
-
cpe:2.3:a:progress:telerik_report_server:6.0.20.219
-
cpe:2.3:a:progress:telerik_report_server:6.1.20.513
-
cpe:2.3:a:progress:telerik_report_server:6.1.20.618
-
cpe:2.3:a:progress:telerik_report_server:6.2.20.1021
-
cpe:2.3:a:progress:telerik_report_server:6.2.20.916
-
cpe:2.3:a:progress:telerik_report_server:7.0.21.120
-
cpe:2.3:a:progress:telerik_report_server:7.0.21.224
-
cpe:2.3:a:progress:telerik_report_server:7.0.21.326
-
cpe:2.3:a:progress:telerik_report_server:7.1.21.512
-
cpe:2.3:a:progress:telerik_report_server:7.1.21.616
-
cpe:2.3:a:progress:telerik_report_server:7.2.21.1110
-
cpe:2.3:a:progress:telerik_report_server:7.2.21.1125
-
cpe:2.3:a:progress:telerik_report_server:7.2.21.915
-
cpe:2.3:a:progress:telerik_report_server:8.0.22.119
-
cpe:2.3:a:progress:telerik_report_server:8.0.22.225
-
cpe:2.3:a:progress:telerik_report_server:8.1.22.511
-
cpe:2.3:a:progress:telerik_report_server:8.1.22.622
-
cpe:2.3:a:progress:telerik_report_server:8.2.22.1109
-
cpe:2.3:a:progress:telerik_report_server:8.2.22.914
-
cpe:2.3:a:progress:telerik_report_server:9.0.23.118
-
cpe:2.3:a:progress:telerik_report_server:9.0.23.315
-
cpe:2.3:a:progress:telerik_report_server:9.1.23.606
-
cpe:2.3:a:progress:telerik_report_server:9.1.23.718
-
cpe:2.3:a:progress:telerik_report_server:9.2.23.1010
-
cpe:2.3:a:progress:telerik_report_server:9.2.23.1114
-
cpe:2.3:a:progress:telerik_report_server:9.2.24.305