Openedge
Monthly
Progress OpenEdge 12.2.0-12.2.18 and 12.8.0-12.8.9 expose stored passwords and secrets to decryption through cryptographically weak OECH1 prefix encoding. Remote unauthenticated attackers can exploit this weakness to recover obfuscated credentials and sensitive data (CVSS 9.1, VC:H/VI:H). No public exploit identified at time of analysis, but the vulnerability is automatable with total technical impact per SSVC framework, making credential harvesting straightforward once encoding is accessed.
Progress OpenEdge AdminServer exposes authenticated RMI methods allowing arbitrary file reads with escalated OS privileges across versions 12.2.0-12.2.18. Authenticated administrators can abuse setFile() and openFile() RMI methods to read sensitive files beyond their intended access level, leveraging the AdminServer process's elevated system permissions. EPSS data not available; no CISA KEV listing indicates no confirmed active exploitation, though SSVC marks exploitation status as 'none' with partial technical impact. The vulnerable methods have been removed in patched versions.
Progress OpenEdge 12.2.0-12.2.18 and 12.8.0-12.8.9 expose stored passwords and secrets to decryption through cryptographically weak OECH1 prefix encoding. Remote unauthenticated attackers can exploit this weakness to recover obfuscated credentials and sensitive data (CVSS 9.1, VC:H/VI:H). No public exploit identified at time of analysis, but the vulnerability is automatable with total technical impact per SSVC framework, making credential harvesting straightforward once encoding is accessed.
Progress OpenEdge AdminServer exposes authenticated RMI methods allowing arbitrary file reads with escalated OS privileges across versions 12.2.0-12.2.18. Authenticated administrators can abuse setFile() and openFile() RMI methods to read sensitive files beyond their intended access level, leveraging the AdminServer process's elevated system permissions. EPSS data not available; no CISA KEV listing indicates no confirmed active exploitation, though SSVC marks exploitation status as 'none' with partial technical impact. The vulnerable methods have been removed in patched versions.