CVE-2024-6658

Name of the Vulnerable Software and Affected Versions Progress LoadMaster versions 7.2.55.0 through 7.2.60.0 Progress LoadMaster versions 7.2.49.0 through 7.2.54.11 Progress LoadMaster version 7.2.48.12 and all prior versions Multi-Tenant Hypervisor version 7.1.35.11 and all prior versions ECS versions prior to 7.2.60.0

Description The issue is related to an Improper Input Validation vulnerability that allows OS Command Injection. This vulnerability affects authenticated users in Progress LoadMaster. The estimated number of potentially affected devices worldwide is not specified. There is no information provided about real-world incidents where this issue was exploited.

Recommendations For Progress LoadMaster versions 7.2.55.0 through 7.2.60.0, update to a version outside of this range to fix the issue. For Progress LoadMaster versions 7.2.49.0 through 7.2.54.11, update to a version outside of this range to fix the issue. For Progress LoadMaster version 7.2.48.12 and all prior versions, update to a version newer than 7.2.48.12 to fix the issue. For Multi-Tenant Hypervisor version 7.1.35.11 and all prior versions, update to a version newer than 7.1.35.11 to fix the issue. For ECS versions prior to 7.2.60.0, update to version 7.2.60.0 or newer to fix the issue.