Cleo Product Security Update Advisory (CVE-2024-50623)

Dec 16 2024

Overview

An update has been released to address vulnerabilities in Cleo Products. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-50623

Cleo Harmony® versions: ~5.8.0.21 (excluded)
Cleo VLTrader® versions: ~5.8.0.21 (excluded)
Cleo LexiCom® versions: ~5.8.0.21 (excluded)

Resolved Vulnerabilities

Unrestricted file upload and download vulnerability that could lead to remote code execution (CVE-2024-50623)

Vulnerability Patches

Vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-50623

Cleo Harmony® version: 5.8.0.21
Cleo VLTrader® version: 5.8.0.21
Cleo LexiCom® version: 5.8.0.21

Referenced Sites

[1] CVE-2024-50623 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-50623

[2] https://support.cleo.com/hc/en-us/articles/27140294267799-Cleo-Product-Security-Advisory-CVE-2024-50623

Cleo Product Security Update Advisory (CVE-2024-50623)

Apache Superset Security Update Advisory (CVE-2024-53949)

Dell Product Line Security Update Advisory

Tags:

Apache Superset Security Update Advisory (CVE-2024-53949)

Dell Product Line Security Update Advisory