PoC & IoCs for Progress Sw. OpenEdge Authentication Bypass Vulnerability

Zach Hanley, Horizon3ai Chief Attack Engineer, has just published CVE-2024-1403: Progress OpenEdge Authentication Bypass Deep-Dive, a deep dive with a proof of concept link and indicators of compromise on the vuln in Progress Software’s OpenEdge application development suite.

The post follows the February 27, 2024, security advisory Progress issued for OpenEdge, its application development and deployment platform suite, warning of an auth bypass vuln in some platform components that stems from improper handling of the supplied username and password: certain unexpected content passed in the credentials can grant access without valid authentication.

The Progress advisory linked below notes: “When the OpenEdge Authentication Gateway (OEAG) is configured with an OpenEdge Domain that uses the OS local authentication provider to grant user-id and password logins on operating platforms supported by active releases of OpenEdge, a vulnerability in the authentication routines may lead to unauthorized access on attempted logins. Similarly, when an AdminServer connection is made by OpenEdge Explorer (OEE) and OpenEdge Management (OEM), it also utilizes the OS local authentication provider on supported platforms to grant user-id and password logins that may also lead to unauthorized login access.”

Links:
