
A security flaw in Progress Software’s OpenEdge software has been demonstrated.

A critical security vulnerability has been discovered in the Progress Software OpenEdge Authentication Gateway and AdminServer. This could lead to unauthorized access to sensitive data on compromised systems. The vulnerability has been tracked as CVE-2024-1403 and has a maximum severity rating of 10.0 on the Common Vulnerability Scoring System (CVSS).

The vulnerability can be exploited to bypass authentication protections when the OpenEdge Authentication Gateway (OEAG) is configured with an OpenEdge Domain that uses the OS local authentication provider. This can lead to unauthorized access on attempted logins. Similarly, when an AdminServer connection is made by OpenEdge Explorer (OEE) and OpenEdge Management (OEM), it utilizes the OS local authentication provider, potentially allowing unauthorized login access.

The vulnerability was caused by incorrect handling of unexpected usernames and passwords in the authentication routines. This flaw has been addressed in the latest versions of OpenEdge LTS, including 11.7.19, 12.2.14, and 12.8.1.

Horizon3.ai has reverse-engineered the vulnerable AdminServer service and has released a proof-of-concept (PoC) for CVE-2024-1403. The researchers have identified that the issue lies in a function called connect(), which is invoked when a remote connection is made. This function then calls another function, authorizeUser(), which validates the supplied credentials and passes control to another part of the code for direct authentication if the username matches “NT AUTHORITY\SYSTEM.”

Security researcher Zach Hanley has stated there may be potential for via built-in functionality. Still, it would require significant research effort due to the complexity of the attack surface. However, he also believes there may be an avenue for deploying new applications via remote WAR file references.

In conclusion, users of OpenEdge versions 11.7.18 and earlier, 12.2.13 and earlier, and 12.8.0 should update to the latest versions to protect against potential exploitation of this vulnerability. The latest versions of OpenEdge LTS include a fix for the flaw and will prevent this unauthorized access.
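A version triage helper for the affected and fixed releases listed above, added here as an example and not code from Progress or Horizon3.ai. The function names, the constructed sample inventory, and the treatment of branches the article does not mention are assumptions.

```python
import re

# Fixed LTS patch level per (major, minor) branch, as listed in the article.
FIXED = {(11, 7): 19, (12, 2): 14, (12, 8): 1}


def parse_version(text):
    """Return (major, minor, patch) from the first dotted version in text."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    # A missing patch component is treated as .0 (assumption).
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)


def triage(text):
    """Classify a version string as 'affected', 'fixed' or 'unknown'."""
    v = parse_version(text)
    branch = v[:2]
    if branch in FIXED:
        return "fixed" if v[2] >= FIXED[branch] else "affected"
    # Assumption: "and earlier" also covers branches older than the
    # listed LTS lines (below 11.7, and 12.0 / 12.1).
    if v < (11, 7, 0) or (12, 0, 0) <= v < (12, 2, 0):
        return "affected"
    # Branches the article does not mention (for example 12.3 to 12.7).
    return "unknown"


def hosts_needing_action(inventory):
    """Return sorted (host, status) pairs for every host not known fixed."""
    flagged = [(host, triage(ver)) for host, ver in inventory]
    return sorted(h for h in flagged if h[1] != "fixed")


# Constructed sample inventory: host name and reported version string.
SAMPLE_INVENTORY = [
    ("oe-app01", "OpenEdge Release 12.2.13"),
    ("oe-app02", "OpenEdge Release 12.2.14"),
    ("oe-adm01", "11.7.18"),
    ("oe-adm02", "12.8"),
    ("oe-dev01", "12.5.2"),
]

if __name__ == "__main__":
    for host, status in hosts_needing_action(SAMPLE_INVENTORY):
        print(f"{host}: {status}")
```

Hosts reported as unknown run a branch the article gives no fix version for, so they need a manual check rather than being assumed safe.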


Deitasoft © 2024. All Rights Reserved.