ГлавнаяУязвимости → CVE-2024-2448
8.4высокая

CVE-2024-2448

→ есть в БДУ: BDU:2024-03540 (на русском)
Описание (на английском; русское — в БДУ выше)

An OS command injection vulnerability has been identified in LoadMaster.  An authenticated UI user with any permission settings may be able to inject commands into a UI component using a shell command resulting in OS command injection.

Затрагиваемое ПО
Progress Loadmaster
CVSS
Балл8.4 — высокая
ВекторCVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Источники
https://progress.com/loadmasterhttps://support.kemptechnologies.com/hc/en-us/articles/25119767150477-LoadMaster-Security-Vulnerabilities-CVE-2024-2448-and-CVE-2024-2449https://progress.com/loadmasterhttps://support.kemptechnologies.com/hc/en-us/articles/25119767150477-LoadMaster-Security-Vulnerabilities-CVE-2024-2448-and-CVE-2024-2449