8.4
CVE-2024-56131
- EPSS 0.07%
- Veröffentlicht 05.02.2025 18:15:28
- Zuletzt bearbeitet 31.07.2025 14:13:06
- Quelle security@progress.com
- CVE-Watchlists
- Unerledigt
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. This issue affects: Product Affected Versions LoadMaster From 7.2.55.0 to 7.2.60.1 (inclusive) From 7.2.49.0 to 7.2.54.12 (inclusive) 7.2.48.12 and all prior versions Multi-Tenant Hypervisor 7.1.35.12 and all prior versions ECS All prior versions to 7.2.60.1 (inclusive)
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Progress ≫ Multi-tenant Loadmaster Version < 7.1.35.13
Progress ≫ Loadmaster Version <= 7.2.48.12
Progress ≫ Loadmaster Version >= 7.2.49.0 < 7.2.54.13
Progress ≫ Loadmaster Version >= 7.2.55.0 < 7.2.61.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.199 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 0.9 | 5.9 |
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
| security@progress.com | 8.4 | 1.7 | 6 |
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.