chore: add KB for CVE 2024-6327 (#182)

* chore: add KB for CVE 2024-6327 added KB articles for CVE 2024-6327 (RS, 9.9) Refs: [#2571](telerik/reporting#2571) * Update deserialization-vulnerability-cve-2024-6327.md --------- Co-authored-by: Todor Arabadzhiev <[email protected]>
telerik · Jul 24, 2024 · 02abd11 · 02abd11
1 parent 9353ffd
commit 02abd11
Showing 1 changed file with 51 additions and 0 deletions.
diff --git a/knowledge-base/deserialization-vulnerability-cve-2024-6327.md b/knowledge-base/deserialization-vulnerability-cve-2024-6327.md
@@ -0,0 +1,51 @@
+---
+title: Insecure Deserialization Vulnerability
+description: How to mitigate CVE-2024-6327, where a remote code execution attack is possible in an unpatched version of Telerik Report Server.
+slug: deserialization-vulnerability-cve-2024-6327
+res_type: kb
+---
+
+## Description
+
+Critical Alert - July 2024 - CVE-2024-6327
+
+- Report Server 2024 Q2 (10.1.24.514) and earlier.
+
+## Issue
+
+CWE-502 Deserialization of Untrusted Data
+
+## What Are the Impacts
+
+In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vulnerability.
+
+## Solution
+
+Updating to Report Server [2024 Q2 (10.1.24.709)](https://www.telerik.com/support/whats-new/report-server/release-history/progress-telerik-report-server-2024-q2-10-1-24-709) or later is the only way to remove this vulnerability. The Progress Telerik team strongly recommends performing an upgrade to the latest version listed in the table below.
+
+| Current Version | Guidance |
+|-----------------|----------|
+| 10.1.24.514 (or earlier) | Update to 10.1.24.709 ([update instructions]({%slug upgrade%})) |
+
+All customers who have a Telerik Report Server license can access the downloads here [Product Downloads | Your Account (Telerik.com)](https://www.telerik.com/account/downloads/product-download?product=REPSERVER).
+
+## Temporary Mitigation
+
+You can temporarily mitigate this issue by changing the user for the Report Server Application Pool to one with limited permissions. If you do not already have a procedure for creating IIS users and assigning App Pool, you can reference our [How To Change IIS User for Report Server]({%slug how-to-change-report-server-iis-user%}) KB article for assistance.
+
+## Notes
+
+- Our customers’ security is of the utmost importance to us. If you have any questions, concerns, or problems related to this issue, you can open a new  [Technical Support](https://www.telerik.com/account/support-center/contact-us/) case (Technical Support is available to customers with an active Support subscription).
+- You can check what version you are running by:
+	1. Go to your Report Server web UI and log in using an account with administrator rights
+	1. Open the Configuration page (~/Configuration/Index).
+	1. Select the About tab, the version number is displayed in the pane on the right.
+- We would like to thank Markus Wulftange with CODE WHITE GmbH for their cooperation with CVE-2024-6096.
+
+## External References
+
+- [CVE-2024-6327](https://www.cve.org/CVERecord?id=CVE-2024-6327) (CRITICAL)
+
+	**CVSS**: 9.9
+
+	In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through CVE-2024-6096.