Progress: >> Openedge >> 12.1 Security Vulnerabilities
Local ABL Client bypass of the required PASOE security checks may allow an attacker to commit unauthorized code injection into Multi-Session Agents on supported OpenEdge LTS platforms up to OpenEdge LTS 11.7.18 and LTS 12.2.13 on all supported release platforms
CVSS Score
8.3
EPSS Score
0.004
Published
2024-09-03
In Progress OpenEdge before 11.7.14 and 12.x before 12.2.9, certain SUID binaries within the OpenEdge application were susceptible to privilege escalation. If exploited, a local attacker could elevate their privileges and compromise the affected system.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-05-02