ГлавнаяУязвимости → CVE-2025-0556
8.8высокая

CVE-2025-0556

Описание

In Progress® Telerik® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local network traffic sniffing.

Затрагиваемое ПО
Progress Telerik report server
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Источники
https://docs.telerik.com/report-server/knowledge-base/kb-security-cleartext-transmission-cve-2025-0556