{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-3692", "assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05", "state": "PUBLISHED", "assignerShortName": "ProgressSoftware", "dateReserved": "2026-03-07T06:47:25.022Z", "datePublished": "2026-04-02T13:27:45.684Z", "dateUpdated": "2026-04-03T03:55:27.668Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05", "shortName": "ProgressSoftware", "dateUpdated": "2026-04-02T13:27:45.684Z"}, "title": "Unintended command execution during report generation in Progress Flowmon", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "affected": [{"vendor": "Progress Software", "product": "Flowmon", "versions": [{"status": "affected", "version": "Flowmon 12 versions prior to 12.5.8", "versionType": "custom"}], "defaultStatus": "affected"}], "descriptions": [{"lang": "en", "value": "In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the report generation process that results in unintended commands being executed on the server.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the report generation process that results in unintended commands being executed on the server."}]}], "references": [{"url": "https://community.progress.com/s/article/CVE-2026-3692-Progress-Flowmon", "tags": ["vendor-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "HIGH", "baseScore": 8.7, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}}], "source": {"discovery": "INTERNAL"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-02T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2026-3692"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-03T03:55:27.668Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-3692", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-02T13:53:47.989589Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-02T13:54:18.779Z"}}], "cna": {"title": "Unintended command execution during report generation in Progress Flowmon", "source": {"discovery": "INTERNAL"}, "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Progress Software", "product": "Flowmon", "versions": [{"status": "affected", "version": "Flowmon 12 versions prior to 12.5.8", "versionType": "custom"}], "defaultStatus": "affected"}], "references": [{"url": "https://community.progress.com/s/article/CVE-2026-3692-Progress-Flowmon", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the report generation process that results in unintended commands being executed on the server.", "supportingMedia": [{"type": "text/html", "value": "In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the report generation process that results in unintended commands being executed on the server.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05", "shortName": "ProgressSoftware", "dateUpdated": "2026-04-02T13:27:45.684Z"}}}, "cveMetadata": {"cveId": "CVE-2026-3692", "state": "PUBLISHED", "dateUpdated": "2026-04-03T03:55:27.668Z", "dateReserved": "2026-03-07T06:47:25.022Z", "assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05", "datePublished": "2026-04-02T13:27:45.684Z", "assignerShortName": "ProgressSoftware"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:progress:flowmon:*:*:*:*:*:*:*:*", "matchCriteriaId": "6AD4B0EC-54DD-48C1-917B-2BA5C135CE9A", "versionEndExcluding": "12.5.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the report generation process that results in unintended commands being executed on the server."}], "id": "CVE-2026-3692", "lastModified": "2026-04-07T18:45:27.150", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security@progress.com", "type": "Secondary"}]}, "published": "2026-04-02T14:16:32.640", "references": [{"source": "security@progress.com", "tags": ["Vendor Advisory"], "url": "https://community.progress.com/s/article/CVE-2026-3692-Progress-Flowmon"}], "sourceIdentifier": "security@progress.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "security@progress.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,12.5.8)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "product": "flowmon", "vendor": "progress_software"}], "analysis": {"en": {"generated_at": "2026-04-07T22:13:10.984608+00:00", "value": {"mitigation_remediation": ["Upgrade to Progress Flowmon 12.5.8 or later to remove the vulnerability.", "If an upgrade cannot be performed immediately, restrict or disable the report generation feature for low\u2011privileged accounts until the patch is applied.", "Review user privileges to ensure only necessary accounts can access report generation endpoints.", "Monitor logs for anomalous report generation activity for early detection of exploitation attempts."], "summary": {"action": "Immediate Patch", "impact": "Remote Command Execution"}, "threat_synthesis": {"affected_systems": "Progress Software Flowmon versions older than 12.5.8 are vulnerable. The issue applies to all installations of Flowmon running any pre\u201112.5.8 build, regardless of deployment size or environment.", "description_and_impact": "An authenticated low\u2011privileged user can craft a request during report generation, causing the server to execute unintended commands. This OS command injection can give the attacker the ability to run arbitrary commands, leading to full compromise of confidentiality, integrity, and availability on the affected system. The vulnerability is catalogued as CWE\u201178 and carries a CVSS score of 8.7, indicating a high severity.", "risk_and_exploitability": "The vulnerability is exploitable only by authenticated users with low privileges, but once accessed it can execute arbitrary server\u2011side commands. The EPSS shows a very low probability of exploitation (<1%) and it is not listed in CISA\u2019s KEV catalog, suggesting no current widespread exploitation. Despite the low probability, the high impact warrants immediate attention, especially in environments where users can trigger report generation."}}}}, "created": "2026-04-02T20:12:34.167219+00:00", "updated": "2026-04-08T19:56:33.850579+00:00", "vendors": ["progress_software", "progress_software$PRODUCT$flowmon"]}