First published: Tue Sep 03 2024(Updated: )
Local ABL Client bypass of the required PASOE security checks may allow an attacker to commit unauthorized code injection into Multi-Session Agents on supported OpenEdge LTS platforms up to OpenEdge LTS 11.7.18 and LTS 12.2.13 on all supported release platforms
Credit: security@progress.com
Affected Software | Affected Version | How to fix |
---|---|---|
Progress OpenEdge | <=11.7.18 | |
Progress OpenEdge | >=12.0<=12.2.13 |
Use the 12.8.0 or above LTS release where the vulnerability does not exist
Use the 12.2 LTS release at the 12.2.14 Update level or above
Use the 11.7 LTS release at the 11.7.19 Update level or above
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.