No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Thu, 02 Jul 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Progress Software
Progress Software flowmon |
|
| Vendors & Products |
Progress Software
Progress Software flowmon |
Thu, 02 Jul 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 02 Jul 2026 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | In Progress Flowmon versions prior to 12.5.9 and 13.0.10, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the PDF generation process that results in operations being performed with the privileges of another user, potentially leading to unauthorized access to sensitive data and unintended modifications to system configuration. | In Progress Flowmon versions prior to 12.5.9 and 13.0.11, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the PDF generation process that results in operations being performed with the privileges of another user, potentially leading to unauthorized access to sensitive data and unintended modifications to system configuration. |
Thu, 02 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | In Progress Flowmon versions prior to 12.5.9 and 13.0.10, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the PDF generation process that results in operations being performed with the privileges of another user, potentially leading to unauthorized access to sensitive data and unintended modifications to system configuration. | |
| Title | Unintended limited set of actions with elevated privileges may be performed during PDF generation in Progress Flowmon | |
| Weaknesses | CWE-863 | |
| References |
| |
| Metrics |
cvssV4_0
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: ProgressSoftware
Published:
Updated: 2026-07-02T14:37:24.697Z
Reserved: 2026-05-07T11:23:34.754Z
Link: CVE-2026-8079
Updated: 2026-07-02T14:37:19.217Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-02T15:30:05Z