Overview
- Description
- Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection.This issue affects: * LoadMaster: 7.2.40.0 and above * ECS: All versions * Multi-Tenancy: 7.1.35.4 and above
- Source
- security@progress.com
- NVD status
- Modified
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.2
- Impact score
- 5.9
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kemptechnologies:loadmaster:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C477074C-D2DF-4BDB-87FD-76133561BABB",
"versionEndIncluding": "7.2.60.0",
"versionStartIncluding": "7.2.40.0"
},
{
"criteria": "cpe:2.3:o:kemptechnologies:multi-tenant_hypervisor_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A696FEC5-08C0-4297-9684-03CC7C1BE9B6",
"versionEndExcluding": "7.1.35.11",
"versionStartIncluding": "7.1.35.4"
}
],
"operator": "OR"
}
]
}
]