cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-3544,https://securityvulnerability.io/vulnerability/CVE-2024-3544,Unauthenticated Attackers Can Perform Actions Using SSH Private Keys,"The vulnerability allows unauthenticated attackers to exploit SSH private keys when they have access to the same network as a machine within a High Availability (HA) or Cluster group. By simply knowing an IP address, attackers can perform unauthorized actions that could compromise the integrity and availability of the system. Kemp Technologies has addressed this issue by implementing enhanced security measures for LoadMaster partner communications. The update mandates a shared secret exchange between partners, ensuring secure communication and mitigating the risk of unauthorized access.",Progress Software,Loadmaster,7.5,HIGH,0.0007600000244565308,false,,false,false,false,,,false,false,,2024-05-02T14:08:06.683Z,0
CVE-2024-3543,https://securityvulnerability.io/vulnerability/CVE-2024-3543,Attackers Can Easily Decrypt and Use Stolen Passwords to Corrupt the System,"The ECS Connection Manager by Kemp Technologies is susceptible to a flaw in its password encryption protocol. This vulnerability stems from the use of a reversible encryption algorithm that allows malicious actors to effectively decrypt stored passwords. Once attackers gain access to these sensitive credentials, they can perform unauthorized actions, leading to system corruption and exposure of confidential data. Organizations using the ECS Connection Manager should urgently assess their systems to mitigate potential risks associated with this security issue.",Progress Software,Loadmaster,7.5,HIGH,0.0008699999889358878,false,,false,false,false,,,false,false,,2024-05-02T14:05:26.748Z,0
CVE-2024-2449,https://securityvulnerability.io/vulnerability/CVE-2024-2449,LoadMaster Cross-Site Request Forgery Vulnerability,"A cross-site request forgery vulnerability has been discovered in LoadMaster, a leading application delivery controller from Kemp Technologies. This flaw permits a malicious actor to exploit the knowledge of an authenticated LoadMaster administrator's IP address or hostname, redirecting them to a malicious third-party site. Once on the site, the CSRF payload could initiate unauthorized HTTP transactions on behalf of the administrator without their consent. Proper measures and best practices are essential to mitigate this type of attack and protect sensitive information.",Progress Software,Loadmaster,7.5,HIGH,0.0005799999926239252,false,,false,false,false,,,false,false,,2024-03-22T13:35:39.103Z,0
CVE-2024-2448,https://securityvulnerability.io/vulnerability/CVE-2024-2448,OS Command Injection Vulnerability in LoadMaster,"A vulnerability has been identified in LoadMaster, developed by Kemp Technologies, that allows OS command injection through a compromised user interface. An authenticated user with any permission settings can exploit this flaw by injecting commands into the UI component, potentially leading to unintended command execution on the operating system level. This vulnerability underscores the importance of rigorous access controls and regular updates to maintain system integrity and security.",Progress Software,Loadmaster,8.8,HIGH,0.0005600000149570405,false,,false,false,false,,,false,false,,2024-03-22T13:32:43.657Z,0
CVE-2024-1212,https://securityvulnerability.io/vulnerability/CVE-2024-1212,Remote Attackers Can Execute Arbitrary System Commands via LoadMaster Management Interface,"The LoadMaster management interface in Kemp Technologies products has a vulnerability that allows unauthenticated remote attackers to gain access. This weakness can be exploited to execute arbitrary system commands, potentially compromising the integrity and security of the affected systems. Organizations using LoadMaster are advised to apply the necessary security updates to mitigate the risk associated with this vulnerability.",Progress Software,Loadmaster,9.8,CRITICAL,0.9371399879455566,true,2024-11-18T00:00:00.000Z,true,false,true,2024-03-20T07:23:18.000Z,true,true,true,2024-03-22T21:52:02.316Z,2024-02-21T17:39:12.599Z,6881