CVE-2023-40052
published 2024-01-18CVE-2023-40052: This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to…
PriorityP343high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
0.57%
42.9th percentile
This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0
.
An attacker who can produce a malformed web request may cause the crash of a PASOE agent potentially disrupting the thread activities of many web application clients. Multiple of these DoS attacks could lead to the flooding of invalid requests as compared to the server’s remaining ability to process valid requests.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| progress | openedge | >= 11.7 < 11.7.18 | 11.7.18 |
| progress | openedge | >= 12.2 < 12.2.13 | 12.2.13 |
| progress | openedge_innovation | < 12.8.0 | 12.8.0 |
| progress_software_corporation | openedge | >= 11.7.0 < 11.7.18 | 11.7.18 |
| progress_software_corporation | openedge | >= 12.2.0 < 12.2.13 | 12.2.13 |
| progress_software_corporation | openedge | >= Innovation Releases < 12.8.0 | 12.8.0 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://community.progress.com/s/article/Important-Progress-OpenEdge-Product-Alert-for-Progress-Application-Server-for-OpenEdge-PASOE-Denial-of-Service-Vulnerability-in-WEB-Transporthttps://www.progress.com/openedgehttps://community.progress.com/s/article/Important-Progress-OpenEdge-Product-Alert-for-Progress-Application-Server-for-OpenEdge-PASOE-Denial-of-Service-Vulnerability-in-WEB-Transporthttps://www.progress.com/openedge
2024-01-18
Published