CISA Known Exploited Vulnerability (KEV)
ScienceLogic SL1 Unspecified Vulnerability
Date Added: October 21, 2024
Due Date: November 11, 2024
Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Description
ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. The vulnerability is addressed in SL1 versions 12.1.3+, 12.2.3+, and 12.3+. Remediations have been made available for all SL1 versions back to version lines 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x.
References
- https://arcticwolf.com/resources/blog/rackspace-breach-linked-to-zero-day-vulnerability-sciencelogic-sl1s-third-party-utility/
- https://community.sciencelogic.com/blog/latest-kb-articles-and-known-issues-blog-board/week-of-september-30-2024—latest-kb-articles-and-known-issues-part-1-of-2/1690
- https://rackspace.service-now.com/system_status?id=detailed_status&service=4dafca5a87f41610568b206f8bbb35a6
- https://support.sciencelogic.com/s/article/15465
- https://support.sciencelogic.com/s/article/15527
- https://twitter.com/ynezzor/status/1839931641172467907
- https://www.bleepingcomputer.com/news/security/rackspace-monitoring-data-stolen-in-sciencelogic-zero-day-attack/
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-9537
- https://www.theregister.com/2024/09/30/rackspace_zero_day_attack/