Description

In ProgressĀ® TelerikĀ® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local network traffic sniffing.

INFO

Published Date :

2025-02-12T15:11:03.067Z

Last Modified :

2025-02-12T15:33:35.788Z

Source :

ProgressSoftware
AFFECTED PRODUCTS

The following products are affected by CVE-2025-0556 vulnerability.

Vendors Products
Progress
  • Telerik Report Server
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-0556.

URL Resource
https://docs.telerik.com/report-server/knowledge-base/kb-security-cleartext-transmission-cve-2025-0556 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact