CVE-2024-56135

Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.

This issue affects:



Product 





Affected Versions 





LoadMaster 





From 7.2.55.0 to 7.2.60.1 (inclusive) 











From 7.2.49.0 to 7.2.54.12 (inclusive) 











7.2.48.12 and all prior versions 








ECS





All prior versions to 7.2.60.1 (inclusive)
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.4 HIGH
ADJACENT_NETWORK
LOW
HIGH
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
ProgressSoftwareCNA
8.4 HIGH
ADJACENT_NETWORK
LOW
HIGH
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CISA-ADPADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 46%
Common Weakness Enumeration
References
https://community.progress.com/s/article/LoadMaster-Security-Vulnerability-CVE-2024-56131-CVE-2024-56132-CVE-2024-56133-CVE-2024-56134-CVE-2024-56135