The Information Highway

The Information Highway
Font size: +
  Print
2 minutes reading time (353 words)

OpenEdge authentication bypass vulnerability

573 Hits

Threat update

A critical vulnerability (CVE-2024-1403) affecting Progress Software OpenEdge Authentication Gateway and AdminServer impacts versions 11.7.18 and earlier, 12.2.13 and earlier, and 12.8.0. The vulnerability allows unauthorized access due to manipulation of username and password combinations during the authentication process. Review this Cybersecurity Threat Advisory to minimize the potential impact on your systems.

Technical Detail and Additional Info

What is the threat?

The vulnerability arises from the software's inability to validate certain username and password combinations. This weakness allows an attacker to bypass authentication checks and gain unauthorized access to protected systems.

The following OpenEdge versions are susceptible to CVE-2024-1403:

  • OpenEdge versions 11.7.18 and earlier
  • OpenEdge versions 12.2.13 and earlier
  • OpenEdge version 12.8.0

Why is it noteworthy?

The exploit targets a function called "connect()" within the AdminServer service responsible for handling remote connection attempts. By manipulating specific username and password combinations, the exploit bypasses authentication and grants unauthorized access.

What is the exposure or risk?

CVE-2024-1403 carries a maximum severity rating of 10.0 on the CVSS scoring system, indicating a critical vulnerability. An attacker can exploit this vulnerability to:

  • Gain unauthorized access: By bypassing authentication, attackers can access sensitive systems, data, and applications.
  • Escalate privileges: Once inside the system, attackers can leverage this initial foothold to escalate privileges and gain control over critical resources.
  • Deploy malicious payloads: Gaining access allows attackers to deploy malware, ransomware, or other malicious payloads to disrupt operations and steal data.

What are the recommendations?

 LBT Technology Group, LLC. recommends the following actions to limit the impact of CVE-2024-1403:

  1. Apply security patches. Update OpenEdge to the following versions:
  • OpenEdge LTS Update 11.7.19
  • OpenEdge LTS Update 12.2.14
  • OpenEdge LTS Update 12.8.1

     2. Disable any unnecessary OpenEdge services like the AdminServer to minimize the attack surface

     3. Implement network segmentation strategies to isolate critical systems and limit the potential impact of a successful attack.

     4. Monitor systems for suspicious activity and unauthorized access attempts.

References

 For more in-depth information about the recommendations, please visit the following links:


If you have any questions, please contact LBT's Sales Engineer.

0
How do you feel about this post?
Happy (0)
Love (0)
Surprised (0)
Sad (0)
Angry (0)
Tags:
Progress Software OpenEdge Authentication Gateway CVE -2024-1403) vulnerability block ​ move
Fortinet FortiClientEMS critical vulnerability
Critical Fortinet vulnerability

About the author

LBT Technology Group, LLC.

LBT Technology Group, LLC.

As we navigate our ever-evolving cyber society, LBT Technology Group believes providing comprehensive IT services to others is essential. As a Managed IT Services Provider (MSP), we are positioned to eliminate your pain points by optimizing your technology, mitigating your cyber security risk footprint, and improving your cyber resilence. The focus we place on reducing the presistent cyber security risks to the confidentiality, integrity, and availability of your information systems and our proficiency in restoring IT services in the event of a cyber attack or technology outage separates us from our competitors--WE SIMPLIFY YOUR IT EQUATION.
Author's recent posts
More posts from author

Related Posts

 

Comments

No comments made yet. Be the first to submit a comment
Friday, 17 May 2024

Captcha Image