Lucene search
K
ProgressLoadmaster7.2.49.0

11 matches found

CVE
CVE
added 2024/05/02 2:5 p.m.97 views

CVE-2024-3543

CVE-2024-3543 concerns Kemp LoadMaster components where a reversible password encryption method can be used to decrypt stored passwords. The underlying issue is that sensitive credentials can be decrypted by an attacker, enabling use of stolen credentials for arbitrary actions that could compromi...

7.5CVSS6.9AI score0.00277EPSS
CVE
CVE
added 2024/05/02 2:8 p.m.89 views

CVE-2024-3544

CVE-2024-3544 concerns Kemp LoadMaster in HA/Cluster partner communications. The vulnerability allows unauthenticated attackers who share network access to the affected machine to perform actions using SSH private keys. Root cause is insufficient authentication between partners during communicati...

7.5CVSS6.8AI score0.00379EPSS
CVE
CVE
added 2025/02/05 6:0 p.m.83 views

CVE-2024-56131

CVE-2024-56131 (and related CVEs 56132–56135) affect Progress LoadMaster and associated products, exposing OS command injection via improper input validation when an authenticated user interacts with the management interface. Affected versions include LoadMaster 7.2.55.0–7.2.60.1 (inclusive), 7.2...

8.4CVSS8.4AI score0.06337EPSS
CVE
CVE
added 2025/02/05 6:2 p.m.76 views

CVE-2024-56135

Progress LoadMaster contains an Improper Input Validation vulnerability (CVE-2024-56135) affecting multiple LoadMaster versions from 7.2.48.12 and earlier, 7.2.49.0–7.2.54.12, and 7.2.55.0–7.2.60.1 (inclusive), with fixes in 7.2.54.13 (LTSF) and 7.2.61.0 (GA). The issue allows an authenticated us...

8.4CVSS7.2AI score0.06337EPSS
CVE
CVE
added 2024/03/22 1:35 p.m.71 views

CVE-2024-2449

CVE-2024-2449 describes a cross-site request forgery in Kemp LoadMaster. An authenticated LoadMaster administrator, who knows the IP/hostname, can be lured to a malicious site where a CSRF payload issues HTTP transactions on behalf of the admin. The core impact is unauthorized actions performed i...

7.5CVSS7.5AI score0.1288EPSS
CVE
CVE
added 2024/03/22 1:32 p.m.67 views

CVE-2024-2448

CVE-2024-2448 describes an OS command injection in Kemp/LoadMaster. An authenticated UI user with any permission level can inject commands into a UI component via a shell command, leading to possible OS command execution with high impact (confidentiality, integrity, availability all high). Affect...

8.8CVSS8.7AI score0.55422EPSS
CVE
CVE
added 2025/02/05 6:2 p.m.67 views

CVE-2024-56134

Progress LoadMaster has a class of vulnerabilities described as Improper Input Validation for authenticated users, enabling OS command injection. Affected are LoadMaster releases 7.2.55.0–7.2.60.1 (inclusive), 7.2.49.0–7.2.54.12 (inclusive), 7.2.48.12 and earlier; Multi-Tenant LoadMaster 7.1.35.1...

8.4CVSS7.2AI score0.00591EPSS
CVE
CVE
added 2025/02/05 6:1 p.m.63 views

CVE-2024-56132

The CVE-2024-56132 issue affects Progress LoadMaster and relates to improper input validation in the management interface, enabling potential OS command injection when an authenticated user sends crafted requests. The affected versions span LoadMaster 7.2.55.0–7.2.60.1 (inclusive), 7.2.49.0–7.2.5...

8.4CVSS7.2AI score0.06337EPSS
CVE
CVE
added 2025/02/05 6:1 p.m.62 views

CVE-2024-56133

CVE-2024-56133 is a known issue in Progress LoadMaster involving improper input validation that enables an unauthenticated or authenticated user to trigger an OS command injection via the management interface. The vulnerability affects LoadMaster versions: 7.2.55.0–7.2.60.1 (inclusive) , 7.2.49.0...

8.4CVSS7.2AI score0.06337EPSS
CVE
CVE
added 2024/09/12 2:38 p.m.59 views

CVE-2024-6658

CVE-2024-6658 is an Improper Input Validation vulnerability affecting Kemp LoadMaster products. The issue allows an authenticated user to trigger OS command injection due to improper input validation in LoadMaster’s exposed functionality. Affected versions include LoadMaster 7.2.55.0–7.2.60.0 (in...

8.4CVSS8.5AI score0.00553EPSS
CVE
CVE
added 2024/10/11 2:19 p.m.49 views

CVE-2024-8755

CVE-2024-8755 is an Improper Input Validation vulnerability in Progress LoadMaster and Progress Multi-Tenant Hypervisor that allows OS Command Injection for authenticated users via the LoadMaster management interface. Affected: LoadMaster versions 7.2.55.0–7.2.60.1; 7.2.49.0–7.2.54.12; 7.2.48.12 ...

9.8CVSS8.5AI score0.01139EPSS