CVE-2024-9537
CVE-2024-9537
Título es
CVE-2024-9537
Vie, 18/10/2024 – 15:15
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2024-9537
Descripción en
ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. The vulnerability is addressed in SL1 versions 12.1.3+, 12.2.3+, and 12.3+. Remediations have been made available for all SL1 versions back to version lines 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x.
18/10/2024
18/10/2024
Vector CVSS:4.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Gravedad 4.0
9.30
Gravedad 4.0 txt
CRITICAL
Gravedad 3.1 (CVSS 3.1 Base Score)
9.80
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
CRITICAL
Referencias
Oopsie, a zero-day remote code execution vulnerability was exploited … third-party ScienceLogic application used by Rackspace. We have confirmed that the exploit of this third-party application resulted in access to three internal Rackspace monitoring webservers.
— ynezz (@ynezzor) September 28, 2024
Enviar en el boletín
Off
