CVE-2024-1212 — Progress Kemp LoadMaster OS Command Injection Vulnerability
2024-11-18 • CISA Known Exploited Vulnerability
[event] Progress Kemp LoadMaster contains an OS command injection vulnerability that allows an unauthenticated, remote attacker to access the system through the LoadMaster management interface, enabling arbitrary system command execution.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Progress |
| Product | Kemp LoadMaster |
| CWE | CWE-78 |
| CVE ID | CVE-2024-1212 |
| Date Added | 2024-11-18 |
| Due Date | 2024-12-09 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Due Date: 2024-12-09