Vulnerabilities > Progress > Openedge > 12.3

DATE CVE VULNERABILITY TITLE RISK
2024-02-27 CVE-2024-1403 Unspecified vulnerability in Progress Openedge
In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, 12.8.1 on all platforms supported by the OpenEdge product, an authentication bypass vulnerability has been identified.  The vulnerability is a bypass to authentication based on a failure to properly handle username and password.
network
low complexity
progress
critical
9.8
2023-06-23 CVE-2023-34203 Injection vulnerability in Progress Openedge, Openedge Explorer and Openedge Management
In Progress OpenEdge OEM (OpenEdge Management) and OEE (OpenEdge Explorer) before 12.7, a remote user (who has any OEM or OEE role) could perform a URL injection attack to change identity or role membership, e.g., escalate to admin.
network
low complexity
progress CWE-74
8.8