vulnerability
ScienceLogic SL1: CVE-2024-9537
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Oct 18, 2024 | Aug 15, 2025 | Aug 15, 2025 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Oct 18, 2024
Added
Aug 15, 2025
Modified
Aug 15, 2025
Description
ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. The vulnerability is addressed in SL1 versions 12.1.3+, 12.2.3+, and 12.3+. Remediations have been made available for all SL1 versions back to version lines 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x.
Solution
sciencelogic-sl1-upgrade-latest
References
- CVE-2024-9537
- https://attackerkb.com/topics/CVE-2024-9537
- URL-https://arcticwolf.com/resources/blog/rackspace-breach-linked-to-zero-day-vulnerability-sciencelogic-sl1s-third-party-utility/
- URL-https://community.sciencelogic.com/blog/latest-kb-articles-and-known-issues-blog-board/week-of-september-30-2024---latest-kb-articles-and-known-issues-part-1-of-2/1690
- URL-https://rackspace.service-now.com/system_status?id=detailed_status&service=4dafca5a87f41610568b206f8bbb35a6
- URL-https://support.sciencelogic.com/s/article/15465
- URL-https://support.sciencelogic.com/s/article/15527
- URL-https://twitter.com/ynezzor/status/1839931641172467907
- URL-https://www.bleepingcomputer.com/news/security/rackspace-monitoring-data-stolen-in-sciencelogic-zero-day-attack/
- URL-https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-9537
- URL-https://www.theregister.com/2024/09/30/rackspace_zero_day_attack/
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.