Overview
Telerik Report Server has released an update to address a vulnerability in their product. Users of affected versions are advised to update to the latest version.
Affected Products
CVE-2024-6327
- Telerik Report Server 10.1.24.514 or below
Resolved Vulnerabilities
Deserialization vulnerability with possible remote code execution attack (CVE-2024-6327)
Vulnerability Patches
Vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.
CVE-2024-6327
- Telerik Report Server 2024 Q2 (10.1.24.709) or later
Referenced Sites
[1] CVE-2024-6327 Detail
https://nvd.nist.gov/vuln/detail/CVE-2024-6327
[2] Insecure Deserialization Vulnerability
https://docs.telerik.com/report-server/knowledge-base/deserialization-vulnerability-cve-2024-6327
Article Link: Telerik Report Server Product Security Update Advisory (CVE-2024-6327) – ASEC