Versa Product Security Update Advisory (CVE-2024-42450)

Nov 22 2024

Overview

An update has been released to address vulnerabilities in Versa Products. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-42450

Versa Director versions: 21.2.2, 21.2.3, 22.1.1, 22.1.2, 22.1.3
Versa Director version: 22.1.4 (Images released before November 11, 2024)

Resolved Vulnerabilities

Vulnerability in Postgres configured to listen on all network interfaces, which could allow an unauthenticated attacker to elevate the privileges of the system by accessing and managing databases or reading local file system contents (CVE-2024-42450)

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-42450

Versa Director version: 22.1.4

Referenced Sites

[1] CVE-2024-42450 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-42450

[2] 22.1.4

https://support.versa-networks.com/support/solutions/articles/23000026708-release-22-1-4

Versa Product Security Update Advisory (CVE-2024-42450)

Oracle Product Security Update Advisory (CVE-2024-21287)

Apache Traffic Server Security Update Advisory

Tags:

Oracle Product Security Update Advisory (CVE-2024-21287)

Apache Traffic Server Security Update Advisory