CVE-2024-4837

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published May 15, 2024

CWE ID 200

Summary

CVE-2024-4837 is a vulnerability affecting Telerik Report Server versions 10.0.24.305 and earlier, running on IIS. An unauthenticated attacker can exploit this trust boundary violation to gain unauthorized access to restricted functionality of the Telerik Report Server. This issue poses a significant risk as it allows attackers to bypass authentication requirements, potentially leading to data breaches or other malicious activities. It is important for organizations using the affected version of Telerik Report Server to apply the necessary patches as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/v6Qb_G
https://www.cve.org/CVERecord?id=CVE-2024-4837
https://nvd.nist.gov/vuln/detail/CVE-2024-4837

Back to Vulnerability Database

CVE-2024-4837

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations