CVE-2024-9537 (GCVE-0-2024-9537)
Vulnerability from cvelistv5 – Published: 2024-10-18 14:45 – Updated: 2025-10-21 22:55 X_Known Exploited Vulnerability
VLAI?
CISA KEV
Title
ScienceLogic SL1 unspecified vulnerability
Summary
ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. The vulnerability is addressed in SL1 versions 12.1.3+, 12.2.3+, and 12.3+. Remediations have been made available for all SL1 versions back to version lines 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x.
Severity ?
9.8 (Critical)
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ScienceLogic | SL1 |
Affected:
0 , < 12.1.3
(custom)
Affected: 0 , < 12.2.3 (custom) Affected: 0 , < 12.3 (custom) Affected: 0 , < 10.1.x (custom) Affected: 0 , < 10.2.x (custom) Affected: 0 , < 11.1.x (custom) Affected: 0 , < 11.2.x (custom) Affected: 0 , < 11.3.x (custom) |
Date Public ?
2024-09-24 00:00
CISA KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: b4294243-27a3-489c-801d-8b01c4a28fce
Exploited: Yes
Timestamps
First Seen: 2024-10-21
Asserted: 2024-10-21
Scope
Notes: KEV entry: ScienceLogic SL1 Unspecified Vulnerability | Affected: ScienceLogic / SL1 | Description: ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component. | Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. | Due date: 2024-11-11 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://support.sciencelogic.com/s/article/15527 ; https://nvd.nist.gov/vuln/detail/CVE-2024-9537
Evidence
Type: Vendor Report
Signal: Successful Exploitation
Confidence: 80%
Source: cisa-kev
Details
| Cwes | |
|---|---|
| Feed | CISA Known Exploited Vulnerabilities Catalog |
| Product | SL1 |
| Due Date | 2024-11-11 |
| Date Added | 2024-10-21 |
| Vendorproject | ScienceLogic |
| Vulnerabilityname | ScienceLogic SL1 Unspecified Vulnerability |
| Knownransomwarecampaignuse | Unknown |
References
Created: 2026-02-02 13:24 UTC
| Updated: 2026-02-06 07:53 UTC
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sl1",
"vendor": "sciencelogic",
"versions": [
{
"lessThan": "12.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "12.2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "12.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "10.1.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "10.2.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.1.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.2.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.3.x",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sl1",
"vendor": "sciencelogic",
"versions": [
{
"lessThan": "12.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "12.2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "12.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "10.1.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "10.2.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.1.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.2.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.3.x",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sl1",
"vendor": "sciencelogic",
"versions": [
{
"lessThan": "12.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "12.2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "12.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "10.1.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "10.2.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.1.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.2.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.3.x",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sl1",
"vendor": "sciencelogic",
"versions": [
{
"lessThan": "12.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "12.2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "12.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "10.1.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "10.2.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.1.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.2.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.3.x",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sl1",
"vendor": "sciencelogic",
"versions": [
{
"lessThan": "12.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "12.2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "12.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "10.1.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "10.2.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.1.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.2.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.3.x",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sl1",
"vendor": "sciencelogic",
"versions": [
{
"lessThan": "12.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "12.2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "12.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "10.1.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "10.2.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.1.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.2.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.3.x",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sl1",
"vendor": "sciencelogic",
"versions": [
{
"lessThan": "12.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "12.2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "12.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "10.1.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "10.2.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.1.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.2.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.3.x",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sl1",
"vendor": "sciencelogic",
"versions": [
{
"lessThan": "12.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "12.2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "12.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "10.1.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "10.2.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.1.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.2.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.3.x",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9537",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-21T15:09:27.600862Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-10-21",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9537"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:42.397Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9537"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-10-21T00:00:00.000Z",
"value": "CVE-2024-9537 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SL1",
"vendor": "ScienceLogic",
"versions": [
{
"lessThan": "12.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "12.2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "12.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "10.1.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "10.2.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.1.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.2.x",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.3.x",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-09-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. The vulnerability is addressed in SL1 versions 12.1.3+, 12.2.3+, and 12.3+. Remediations have been made available for all SL1 versions back to version lines 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. The vulnerability is addressed in SL1 versions 12.1.3+, 12.2.3+, and 12.3+. Remediations have been made available for all SL1 versions back to version lines 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-21T15:50:25.109Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"url": "https://rackspace.service-now.com/system_status?id=detailed_status\u0026service=4dafca5a87f41610568b206f8bbb35a6"
},
{
"url": "https://twitter.com/ynezzor/status/1839931641172467907"
},
{
"tags": [
"media-coverage"
],
"url": "https://www.theregister.com/2024/09/30/rackspace_zero_day_attack/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://arcticwolf.com/resources/blog/rackspace-breach-linked-to-zero-day-vulnerability-sciencelogic-sl1s-third-party-utility/"
},
{
"tags": [
"media-coverage"
],
"url": "https://www.bleepingcomputer.com/news/security/rackspace-monitoring-data-stolen-in-sciencelogic-zero-day-attack/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://support.sciencelogic.com/s/article/15465"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://support.sciencelogic.com/s/article/15527"
},
{
"tags": [
"release-notes"
],
"url": "https://community.sciencelogic.com/blog/latest-kb-articles-and-known-issues-blog-board/week-of-september-30-2024---latest-kb-articles-and-known-issues-part-1-of-2/1690"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-9537"
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"x_known-exploited-vulnerability"
],
"title": "ScienceLogic SL1 unspecified vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2024-9537",
"datePublished": "2024-10-18T14:45:02.147Z",
"dateReserved": "2024-10-04T17:48:28.986Z",
"dateUpdated": "2025-10-21T22:55:42.397Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2024-9537",
"dateAdded": "2024-10-21",
"dueDate": "2024-11-11",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https://support.sciencelogic.com/s/article/15527 ; https://nvd.nist.gov/vuln/detail/CVE-2024-9537",
"product": "SL1",
"requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"shortDescription": "ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component.",
"vendorProject": "ScienceLogic",
"vulnerabilityName": "ScienceLogic SL1 Unspecified Vulnerability"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-9537\",\"sourceIdentifier\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"published\":\"2024-10-18T15:15:04.170\",\"lastModified\":\"2025-11-03T18:55:13.320\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. The vulnerability is addressed in SL1 versions 12.1.3+, 12.2.3+, and 12.3+. Remediations have been made available for all SL1 versions back to version lines 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x.\"},{\"lang\":\"es\",\"value\":\"ScienceLogic SL1 (anteriormente EM7) se ve afectado por una vulnerabilidad no especificada que involucra un componente de terceros no especificado incluido en el paquete de SL1. La vulnerabilidad se solucion\u00f3 en las versiones 12.1.3+, 12.2.3+ y 12.3+ de SL1. Se han puesto a disposici\u00f3n soluciones para todas las versiones de SL1 hasta las l\u00edneas de versi\u00f3n 10.1.x, 10.2.x, 11.1.x, 11.2.x y 11.3.x.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red\",\"baseScore\":9.3,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"RED\"}}],\"cvssMetricV31\":[{\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"cisaExploitAdd\":\"2024-10-21\",\"cisaActionDue\":\"2024-11-11\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"ScienceLogic SL1 Unspecified Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.1.0\",\"versionEndExcluding\":\"12.1.3\",\"matchCriteriaId\":\"4BFE7072-C420-4186-8441-AD5A531382EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.2.0\",\"versionEndExcluding\":\"12.2.3\",\"matchCriteriaId\":\"BE089841-BC12-4DF6-86A3-71AF46CC2345\"}]}]}],\"references\":[{\"url\":\"https://arcticwolf.com/resources/blog/rackspace-breach-linked-to-zero-day-vulnerability-sciencelogic-sl1s-third-party-utility/\",\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://community.sciencelogic.com/blog/latest-kb-articles-and-known-issues-blog-board/week-of-september-30-2024---latest-kb-articles-and-known-issues-part-1-of-2/1690\",\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://rackspace.service-now.com/system_status?id=detailed_status\u0026service=4dafca5a87f41610568b206f8bbb35a6\",\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.sciencelogic.com/s/article/15465\",\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://support.sciencelogic.com/s/article/15527\",\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://twitter.com/ynezzor/status/1839931641172467907\",\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.bleepingcomputer.com/news/security/rackspace-monitoring-data-stolen-in-sciencelogic-zero-day-attack/\",\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-9537\",\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.theregister.com/2024/09/30/rackspace_zero_day_attack/\",\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9537\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-9537\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-21T15:09:27.600862Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2024-10-21\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9537\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*\"], \"vendor\": \"sciencelogic\", \"product\": \"sl1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.2.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"10.1.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"10.2.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.1.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.2.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.3.x\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*\"], \"vendor\": \"sciencelogic\", \"product\": \"sl1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.2.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"10.1.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"10.2.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.1.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.2.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.3.x\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*\"], \"vendor\": \"sciencelogic\", \"product\": \"sl1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.2.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"10.1.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"10.2.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.1.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.2.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.3.x\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*\"], \"vendor\": \"sciencelogic\", \"product\": \"sl1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.2.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"10.1.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"10.2.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.1.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.2.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.3.x\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*\"], \"vendor\": \"sciencelogic\", \"product\": \"sl1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.2.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"10.1.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"10.2.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.1.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.2.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.3.x\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*\"], \"vendor\": \"sciencelogic\", \"product\": \"sl1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.2.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"10.1.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"10.2.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.1.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.2.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.3.x\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*\"], \"vendor\": \"sciencelogic\", \"product\": \"sl1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.2.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"10.1.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"10.2.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.1.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.2.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.3.x\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*\"], \"vendor\": \"sciencelogic\", \"product\": \"sl1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.2.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"10.1.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"10.2.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.1.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.2.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.3.x\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-10-21T00:00:00.000Z\", \"value\": \"CVE-2024-9537 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9537\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-18T16:29:35.552Z\"}}], \"cna\": {\"tags\": [\"x_known-exploited-vulnerability\"], \"title\": \"ScienceLogic SL1 unspecified vulnerability\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 9.3, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Red\", \"providerUrgency\": \"RED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"ScienceLogic\", \"product\": \"SL1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.2.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"10.1.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"10.2.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.1.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.2.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.3.x\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"datePublic\": \"2024-09-24T00:00:00.000Z\", \"references\": [{\"url\": \"https://rackspace.service-now.com/system_status?id=detailed_status\u0026service=4dafca5a87f41610568b206f8bbb35a6\"}, {\"url\": \"https://twitter.com/ynezzor/status/1839931641172467907\"}, {\"url\": \"https://www.theregister.com/2024/09/30/rackspace_zero_day_attack/\", \"tags\": [\"media-coverage\"]}, {\"url\": \"https://arcticwolf.com/resources/blog/rackspace-breach-linked-to-zero-day-vulnerability-sciencelogic-sl1s-third-party-utility/\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://www.bleepingcomputer.com/news/security/rackspace-monitoring-data-stolen-in-sciencelogic-zero-day-attack/\", \"tags\": [\"media-coverage\"]}, {\"url\": \"https://support.sciencelogic.com/s/article/15465\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://support.sciencelogic.com/s/article/15527\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://community.sciencelogic.com/blog/latest-kb-articles-and-known-issues-blog-board/week-of-september-30-2024---latest-kb-articles-and-known-issues-part-1-of-2/1690\", \"tags\": [\"release-notes\"]}, {\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-9537\", \"tags\": [\"government-resource\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. The vulnerability is addressed in SL1 versions 12.1.3+, 12.2.3+, and 12.3+. Remediations have been made available for all SL1 versions back to version lines 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. The vulnerability is addressed in SL1 versions 12.1.3+, 12.2.3+, and 12.3+. Remediations have been made available for all SL1 versions back to version lines 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x.\u003c/span\u003e\u003cbr\u003e\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"9119a7d8-5eab-497f-8521-727c672e3725\", \"shortName\": \"cisa-cg\", \"dateUpdated\": \"2024-10-21T15:50:25.109Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-9537\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T22:55:42.397Z\", \"dateReserved\": \"2024-10-04T17:48:28.986Z\", \"assignerOrgId\": \"9119a7d8-5eab-497f-8521-727c672e3725\", \"datePublished\": \"2024-10-18T14:45:02.147Z\", \"assignerShortName\": \"cisa-cg\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…