CVE-2024-9537

ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. The vulnerability is addressed in SL1 versions 12.1.3+, 12.2.3+, and 12.3+. Remediations have been made available for all SL1 versions back to version lines 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://arcticwolf.com/resources/blog/rackspace-breach-linked-to-zero-day-vulnerability-sciencelogic-sl1s-third-party-utility/	Press/Media Coverage
https://community.sciencelogic.com/blog/latest-kb-articles-and-known-issues-blog-board/week-of-september-30-2024---latest-kb-articles-and-known-issues-part-1-of-2/1690	Vendor Advisory
https://rackspace.service-now.com/system_status?id=detailed_status&service=4dafca5a87f41610568b206f8bbb35a6	Third Party Advisory
https://support.sciencelogic.com/s/article/15465	Permissions Required
https://support.sciencelogic.com/s/article/15527	Permissions Required
https://twitter.com/ynezzor/status/1839931641172467907	Third Party Advisory
https://www.bleepingcomputer.com/news/security/rackspace-monitoring-data-stolen-in-sciencelogic-zero-day-attack/	Press/Media Coverage
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-9537	Third Party Advisory US Government Resource
https://www.theregister.com/2024/09/30/rackspace_zero_day_attack/	Press/Media Coverage

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:sciencelogic:sl1::::::::
	cpe:2.3:a:sciencelogic:sl1::::::::

History

No history.

Information

Published : 2024-10-18 15:15

Updated : 2024-10-22 17:33

NVD link : CVE-2024-9537

Mitre link : CVE-2024-9537

CVE.ORG link : CVE-2024-9537

JSON object : View

Products Affected

sciencelogic

sl1

CWE

NVD-CWE-noinfo

{"id": "CVE-2024-9537", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "9119a7d8-5eab-497f-8521-727c672e3725", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "9119a7d8-5eab-497f-8521-727c672e3725", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "NOT_DEFINED", "baseScore": 9.3, "automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "RED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "HIGH", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "vulnerableSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "NONE", "vulnerableSystemConfidentiality": "HIGH", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-10-18T15:15:04.170", "references": [{"url": "https://arcticwolf.com/resources/blog/rackspace-breach-linked-to-zero-day-vulnerability-sciencelogic-sl1s-third-party-utility/", "tags": ["Press/Media Coverage"], "source": "9119a7d8-5eab-497f-8521-727c672e3725"}, {"url": "https://community.sciencelogic.com/blog/latest-kb-articles-and-known-issues-blog-board/week-of-september-30-2024---latest-kb-articles-and-known-issues-part-1-of-2/1690", "tags": ["Vendor Advisory"], "source": "9119a7d8-5eab-497f-8521-727c672e3725"}, {"url": "https://rackspace.service-now.com/system_status?id=detailed_status&service=4dafca5a87f41610568b206f8bbb35a6", "tags": ["Third Party Advisory"], "source": "9119a7d8-5eab-497f-8521-727c672e3725"}, {"url": "https://support.sciencelogic.com/s/article/15465", "tags": ["Permissions Required"], "source": "9119a7d8-5eab-497f-8521-727c672e3725"}, {"url": "https://support.sciencelogic.com/s/article/15527", "tags": ["Permissions Required"], "source": "9119a7d8-5eab-497f-8521-727c672e3725"}, {"url": "https://twitter.com/ynezzor/status/1839931641172467907", "tags": ["Third Party Advisory"], "source": "9119a7d8-5eab-497f-8521-727c672e3725"}, {"url": "https://www.bleepingcomputer.com/news/security/rackspace-monitoring-data-stolen-in-sciencelogic-zero-day-attack/", "tags": ["Press/Media Coverage"], "source": "9119a7d8-5eab-497f-8521-727c672e3725"}, {"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-9537", "tags": ["Third Party Advisory", "US Government Resource"], "source": "9119a7d8-5eab-497f-8521-727c672e3725"}, {"url": "https://www.theregister.com/2024/09/30/rackspace_zero_day_attack/", "tags": ["Press/Media Coverage"], "source": "9119a7d8-5eab-497f-8521-727c672e3725"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. The vulnerability is addressed in SL1 versions 12.1.3+, 12.2.3+, and 12.3+. Remediations have been made available for all SL1 versions back to version lines 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x."}, {"lang": "es", "value": "ScienceLogic SL1 (anteriormente EM7) se ve afectado por una vulnerabilidad no especificada que involucra un componente de terceros no especificado incluido en el paquete de SL1. La vulnerabilidad se solucion\u00f3 en las versiones 12.1.3+, 12.2.3+ y 12.3+ de SL1. Se han puesto a disposici\u00f3n soluciones para todas las versiones de SL1 hasta las l\u00edneas de versi\u00f3n 10.1.x, 10.2.x, 11.1.x, 11.2.x y 11.3.x."}], "lastModified": "2024-10-22T17:33:23.837", "cisaActionDue": "2024-11-11", "cisaExploitAdd": "2024-10-21", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BFE7072-C420-4186-8441-AD5A531382EE", "versionEndExcluding": "12.1.3", "versionStartIncluding": "10.1.0"}, {"criteria": "cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE089841-BC12-4DF6-86A3-71AF46CC2345", "versionEndExcluding": "12.2.3", "versionStartIncluding": "12.2.0"}], "operator": "OR"}]}], "sourceIdentifier": "9119a7d8-5eab-497f-8521-727c672e3725", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "ScienceLogic SL1 Unspecified Vulnerability"}