Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-6097

In Progress® Telerik® Reporting versions prior to 2025 Q1 (19.0.25.211), information disclosure is possible by a local threat actor through an absolute path vulnerability.

Published

2025-02-12T18:15:21.977

Last Modified

2025-02-24T16:31:32.893

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-36
Type: Primary
CWE-22

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	progress	telerik_reporting	< 19.0.25.211	Yes

References

https://docs.telerik.com/reporting/knowledge-base/kb-security-absolute-path-traversal-CVE-2024-6097 Vendor Advisory ([email protected])