CVE-2024-9537

Summary

ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. The vulnerability is addressed in SL1 versions 12.1.3+, 12.2.3+, and 12.3+. Remediations have been made available for all SL1 versions back to version lines 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x.

Affected Software

VendorProductVersion RangeStatus
ScienceLogicSL10 < 12.1.3affected
ScienceLogicSL10 < 12.2.3affected
ScienceLogicSL10 < 12.3affected
ScienceLogicSL10 < 10.1.xaffected
ScienceLogicSL10 < 10.2.xaffected
ScienceLogicSL10 < 11.1.xaffected
ScienceLogicSL10 < 11.2.xaffected
ScienceLogicSL10 < 11.3.xaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: yes
    • Technical Impact: total

Additional References

References