CVE-2023-40051 – This vulnerability allows attackers to upload a... (How to Fix)

Q: What is the severity of CVE-2023-40051?

CVE-2023-40051 has a CVSS score of 9.1 (CRITICAL). This vulnerability allows attackers to upload arbitrary files to Progress Application Server (PAS) for OpenEdge via the WEB transport. Affected organizations using vulnerable versions of PASOE could have their servers compromised, potentially leading to further network attacks.

📋 TL;DR

This vulnerability allows attackers to upload arbitrary files to Progress Application Server (PAS) for OpenEdge via the WEB transport. Affected organizations using vulnerable versions of PASOE could have their servers compromised, potentially leading to further network attacks.

💻 Affected Systems

Products:

Progress Application Server (PAS) for OpenEdge

Versions: 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, innovation releases prior to 12.8.0

Operating Systems: All supported OS for PASOE

Default Config Vulnerable: ⚠️ Yes

Notes: Affects WEB transport configuration specifically

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete server takeover leading to ransomware deployment, data exfiltration, or lateral movement across the network

🟠

Likely Case

Webshell deployment allowing persistent access, data theft, or use as attack platform

🟢

If Mitigated

Limited impact due to network segmentation, file upload restrictions, or proper patching

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

WEB transport vulnerability suggests straightforward exploitation via HTTP requests

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 11.7.18, 12.2.13, 12.8.0

Vendor Advisory: https://community.progress.com/s/article/Important-Progress-OpenEdge-Critical-Alert-for-Progress-Application-Server-in-OpenEdge-PASOE-Arbitrary-File-Upload-Vulnerability-in-WEB-Transport

Restart Required: Yes

Instructions:

1. Download appropriate patch version from Progress support portal. 2. Backup current installation. 3. Apply patch following vendor documentation. 4. Restart PASOE services. 5. Verify successful update.

🔧 Temporary Workarounds

Disable WEB Transport

all

Temporarily disable vulnerable WEB transport if not required

Modify PASOE configuration to disable WEB transport

Implement WAF Rules

all

Block suspicious file upload patterns at web application firewall

Configure WAF to block requests with file upload patterns to PASOE endpoints

🧯 If You Can't Patch

Implement strict network segmentation to isolate PASOE servers
Deploy file integrity monitoring and restrict write permissions to server directories

🔍 How to Verify

Check if Vulnerable:

Check PASOE version against affected ranges and verify WEB transport is enabled

Check Version:

openedge -v or check PASOE administration console

Verify Fix Applied:

Confirm version is 11.7.18, 12.2.13, or 12.8.0+ and test file upload functionality

📡 Detection & Monitoring

Log Indicators:

Unusual file upload patterns in PASOE logs
Unexpected file creation in server directories

Network Indicators:

HTTP POST requests with file uploads to PASOE WEB endpoints
Unusual outbound connections from PASOE server

SIEM Query:

source="PASOE" AND (event="file_upload" OR event="file_write") AND file_extension IN ("jsp", "php", "asp", "aspx", "war", "jar")

📊 Metadata

CVE ID: CVE-2023-40051

CVSS v3 Score: 9.1 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L

CWE: CWE-434

Published: January 18, 2024

Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-40051, you might also want to check these: