CVE-2024-7591

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-7591
Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection.This issue affects: * LoadMaster: 7.2.40.0 and above * ECS: All versions * Multi-Tenancy: 7.1.35.4 and above

7.2 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://insinuator.net/2024/11/vulnerability-disclosure-command-injection-in-kemp-loadmaster-load-balancer-cve-2024-7591
https://support.kemptechnologies.com/hc/en-us/articles/29196371689613-LoadMaster-Security-Vulnerability-CVE-2024-7591 Patch Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:kemptechnologies:multi-tenant_hypervisor_firmware:*:*:*:*:*:*:*:*
cpe:2.3:a:kemptechnologies:loadmaster:*:*:*:*:*:*:*:*
History

18 Feb 2025, 16:15

Type Values Removed Values Added
References
  • {'url': 'https://url.us.m.mimecastprotect.com/s/m_v3CkRgEgSz2vDGUQi8HGPtBQ?domain=insinuator.net', 'name': 'https://url.us.m.mimecastprotect.com/s/m_v3CkRgEgSz2vDGUQi8HGPtBQ?domain=insinuator.net', 'tags': [], 'refsource': ''}
  • () https://insinuator.net/2024/11/vulnerability-disclosure-command-injection-in-kemp-loadmaster-load-balancer-cve-2024-7591 -

17 Feb 2025, 17:15

Type Values Removed Values Added
CWE CWE-78
References
  • () https://url.us.m.mimecastprotect.com/s/m_v3CkRgEgSz2vDGUQi8HGPtBQ?domain=insinuator.net -

19 Sep 2024, 18:19

Type Values Removed Values Added
References () https://support.kemptechnologies.com/hc/en-us/articles/29196371689613-LoadMaster-Security-Vulnerability-CVE-2024-7591 - () https://support.kemptechnologies.com/hc/en-us/articles/29196371689613-LoadMaster-Security-Vulnerability-CVE-2024-7591 - Patch, Vendor Advisory
CWE CWE-78
First Time Kemptechnologies loadmaster
Kemptechnologies
Kemptechnologies multi-tenant Hypervisor Firmware
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.2
CPE cpe:2.3:o:kemptechnologies:multi-tenant_hypervisor_firmware:*:*:*:*:*:*:*:*
cpe:2.3:a:kemptechnologies:loadmaster:*:*:*:*:*:*:*:*

05 Sep 2024, 18:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-09-05 18:15

Updated : 2025-02-18 16:15

NVD link : CVE-2024-7591

Mitre link : CVE-2024-7591

JSON object : View

Products Affected

kemptechnologies

  • multi-tenant_hypervisor_firmware
  • loadmaster
CWE

No CWE.