In Progress Flowmon ADS versions prior to 12.5.6 and 13.0.5, a vulnerability exists whereby an adversary who is authenticated as a low-privileged user in the Anomaly Detection System (ADS) may send specially crafted requests that could result in unauthorized access to application data and its modification.
Metrics
Affected Vendors & Products
References
History
Thu, 02 Jul 2026 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Progress Software
Progress Software flowmon Ads |
|
| Vendors & Products |
Progress Software
Progress Software flowmon Ads |
Thu, 02 Jul 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 02 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | In Progress Flowmon ADS versions prior to 12.5.6 and 13.0.5, a vulnerability exists whereby an adversary who is authenticated as a low-privileged user in the Anomaly Detection System (ADS) may send specially crafted requests that could result in unauthorized access to application data and its modification. | |
| Title | Possibility of unintended database operations when querying data related to detected anomalies in Progress Flowmon ADS | |
| Weaknesses | CWE-89 | |
| References |
| |
| Metrics |
cvssV4_0
|
Status: PUBLISHED
Assigner: ProgressSoftware
Published:
Updated: 2026-07-02T14:36:40.904Z
Reserved: 2026-05-22T10:44:21.456Z
Link: CVE-2026-9272
Updated: 2026-07-02T14:36:31.308Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-02T16:00:11Z