Kritische Sicherheitslücken: Telerik Report Server auf meereren Wegen angreifbar

Administrators of Unternehmen, the Telerik Report Server zum Erstellen of another Geschäftsbericht utilities, sollten the Reportmanagementsolution from Security Greens to the active Stand.

Anzeige

Andernfalls can solve more problems and problems and exclude the autumn code, a system of compromise. Davon made another version. The following notification provides administrator links that administrators can use to enable and restore the Telerik Report Server.

The security luck

I am gracefully gilded with a “critical“Schachstelle (CVE-2024-4358) performed an erroneous check on the native functions of the Telerik Report Server. If there is a problem, the Entwickler cannot proceed any further.

With the system in place, the administrators die Ausgabe 2024 Q2 (10.1.24.514) install. All previous versions are solen angreifbar sein. After the installation is not completed, the admin server may use a temporary URL rewrite warning.

Sets Angreifer erolgreich an einer weiteren “critical“Lücke (CVE-2024-8015) und kan Schadcode auf Systeme gelangen. Das kan een über noch e Schwachstelle (CVE-2024-8014”)hoch“) shed.

There is no mention of a system dating (CVE-2024-4357″Mittel“). Leader of the Entwickler is no more, while administrators are attacking the system. In the warning message, it is not the case that the administrators are carrying out offensive attacks.

Make sure you have installed Telerik software in September in the course of time for Schlagzeilen, while the Entwickler has created more Sicherheitslücken in Telerik UI for WPF.

(des)