Telerik Report Server Progress Telerik Report Server

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Progress Telerik Report Server.

By the Year

In 2025 there have been 0 vulnerabilities in Progress Telerik Report Server. Last year, in 2024 Telerik Report Server had 6 security vulnerabilities published. Right now, Telerik Report Server is on track to have less security vulnerabilities in 2025 than it did last year.

Year Vulnerabilities Average Score
2025 0 0.00
2024 6 7.68
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Telerik Report Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Progress Telerik Report Server Security Vulnerabilities

In Progress® Telerik® Report Server: Weak Encryption Vulnerability in Local Asset Data

CVE-2024-7295 6.2 - Medium - November 13, 2024

In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information.

Use of Hard-coded Credentials

In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is possible through object injection

CVE-2024-8015 7.2 - High - October 09, 2024

In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is possible through object injection via an insecure type resolution vulnerability.

Reflection Injection

In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806)

CVE-2024-7292 8.8 - High - October 09, 2024

In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a credential stuffing attack is possible through improper restriction of excessive login attempts.

Improper Restriction of Excessive Authentication Attempts

In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709)

CVE-2024-6327 9.8 - Critical - July 24, 2024

In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vulnerability.

Marshaling, Unmarshaling

In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality

CVE-2024-4837 5.3 - Medium - May 15, 2024

In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via a trust boundary violation vulnerability.

In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130)

CVE-2024-1800 8.8 - High - March 20, 2024

In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code execution attack is possible through an insecure deserialization vulnerability.

Marshaling, Unmarshaling

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Progress Telerik Report Server or by Progress? Click the Watch button to subscribe.

Progress
Vendor

subscribe