{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T21:40:17.173","vulnerabilities":[{"cve":{"id":"CVE-2024-1403","sourceIdentifier":"security@progress.com","published":"2024-02-27T16:15:45.643","lastModified":"2025-02-11T17:40:59.267","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, 12.8.1 on all platforms supported by the OpenEdge product, an authentication bypass vulnerability has been identified.  The\nvulnerability is a bypass to authentication based on a failure to properly\nhandle username and password.  Certain unexpected\ncontent passed into the credentials can lead to unauthorized access without proper\nauthentication.    \n\n\n\n\n\n\n"},{"lang":"es","value":"En OpenEdge Authentication Gateway y AdminServer anteriores a 11.7.19, 12.2.14, 12.8.1 en todas las plataformas compatibles con el producto OpenEdge, se identificó una vulnerabilidad de omisión de autenticación. La vulnerabilidad es una omisión de la autenticación basada en una falla al manejar adecuadamente el nombre de usuario y la contraseña. Cierto contenido inesperado que se pasa a las credenciales puede provocar un acceso no autorizado sin la autenticación adecuada."}],"metrics":{"cvssMetricV31":[{"source":"security@progress.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"security@progress.com","type":"Secondary","description":[{"lang":"en","value":"CWE-305"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:progress:openedge:*:*:*:*:lts:*:*:*","versionEndExcluding":"11.7.19","matchCriteriaId":"EE51C6DF-9ADA-4C9C-9820-94DD94ADA656"},{"vulnerable":true,"criteria":"cpe:2.3:a:progress:openedge:*:*:*:*:lts:*:*:*","versionStartIncluding":"11.8","versionEndExcluding":"12.2.14","matchCriteriaId":"6BD175A1-83AF-410B-9CEE-C9B65F32F3B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:progress:openedge:*:*:*:*:lts:*:*:*","versionStartIncluding":"12.3","versionEndExcluding":"12.8.1","matchCriteriaId":"D2D98FDE-6A77-4604-904C-43ABCE323D48"}]}]}],"references":[{"url":"https://community.progress.com/s/article/Important-Critical-Alert-for-OpenEdge-Authentication-Gateway-and-AdminServer","source":"security@progress.com","tags":["Vendor Advisory"]},{"url":"https://www.progress.com/openedge","source":"security@progress.com","tags":["Product"]},{"url":"https://community.progress.com/s/article/Important-Critical-Alert-for-OpenEdge-Authentication-Gateway-and-AdminServer","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.progress.com/openedge","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}}]}