LoadMaster Product Security Update Advisory (CVE-2024-1212)

Overview

 

An update has been made available to address a vulnerability in LoadMaster. users of affected versions are advised to update to the latest version.

 

Affected Products

 

LoadMaster

• 7.2.48.1(include) ~ 7.2.48.10(exclude)
• 7.2.54.0(include) ~ 7.2.54.8(exclude)
• 7.2.55.0(include) ~ 7.2.59.2(exclude)

 

Resolved Vulnerabilities

 

Vulnerability that could allow system access via the LoadMaster management interface to execute arbitrary system commands (CVE-2024-1212)

 

Vulnerability Patches

 

vulnerability Patches were made available in the February 21, 2024 update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

LoadMaster 7.2.59.2 (GA) version
LoadMaster 7.2.54.8 (LTSF) version
LoadMaster 7.2.48.10 (LTS) version

 

Referenced Sites

 

[1] cve-2024-1212
https://www.cve.org/CVERecord?id=CVE-2024-1212

[2] LoadMaster Security Vulnerability CVE-2024-1212

https://support.kemptechnologies.com/hc/en-us/articles/23878931058445-LoadMaster-Security-Vulnerability-CVE-2024-1212

[3] Release Notice: LMOS 7.2.59.2, 7.2.54.8, 7.2.48.10 (CVE-2024-1212)

https://support.kemptechnologies.com/hc/en-us/articles/24325072850573-Release-Notice-LMOS-7-2-59-2-7-2-54-8-7-2-48-10-CVE-2024-1212

[4] LoadMaster GA (7.2.59.2)

https://docs.progress.com/category/loadmaster-documentation?_gl=1*ey930*_ga*MjA4Nzk5ODE0MC4xNzEwOTIxODAw*_ga_9JSNBCSF54*MTcxMDkyMTgwMS4xLjEuMTcxMDkyMjIyMy40My4wLjA.*_gcl_au*MjAzODcwOTQ3Mi4xNzEwOTIxODAx