CVE-2023-40052

Summary

CVE-2023-40052 is a vulnerability affecting Progress Application Server (PAS) for OpenEdge in versions 11.7 up to 11.7.18, 12.2 up to 12.2.13, and innovation releases prior to 12.8.0. An attacker can exploit this issue by delivering malformed web requests to trigger a crash of a PASOE agent. This disruption can potentially flood the server with an excessive number of invalid requests, overwhelming its capacity to process valid ones. The result is a denial-of-service (DoS) attack that can significantly impact the performance and availability of web applications running on the affected PAS installation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.