Progress OpenEdge PASOE Local Authentication Bypass via MS Agent (CVE-2024-7345)

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability Description: - Title: Direct local client connections to MS Agents can bypass authentication - Description: Direct local client connections to MS Agents can bypass authentication. 2. Affected Versions: - Affected Versions: OpenEdge LTS Release 11.7.18 and earlier, OpenEdge LTS Release 12.2.13 and earlier - Fixed Versions: OpenEdge LTS Update 11.7.19 or later, OpenEdge LTS Update 12.2.14 or later 3. Remediation Measures: - Measure 1: Add a new timeout property to limit the request timeout duration. - Measure 2: Identify direct connection requests to MS Agents and protect the system by closing the socket and reporting potential events. - Measure 3: Use the “AppServer.SessMgr.agentHost” property to exclusively set the host machine. 4. Known Business Impact: - Description: Local login to PASOE system can bypass PASOE authentication, potentially inheriting access beyond the user’s existing local permissions. 5. Upgrade Recommendation: - Recommendation: Upgrade to the latest OpenEdge LTS versions 11.7.20 and 12.2.16. 6. Temporary Mitigation Measures: - Measure: It is recommended that PASOE deployments follow best practices to restrict services and access to PASOE instance resources. 7. Other References: - CVE ID: CVE-2024-7345 8. Contact Information: - Technical Support: For any questions, concerns, or issues, please log in and open a new technical support case. This information provides a detailed description of the vulnerability, affected versions, remediation measures, known business impacts, upgrade recommendations, temporary mitigation measures, and technical support contact details.

Goal Reached Thanks to every supporter — we hit 100%!

Progress OpenEdge PASOE Local Authentication Bypass via MS Agent (CVE-2024-7345)