CISA adds ScienceLogic flaw CVE-2024-9537 to its KEV Catalog


The US CISA has added a ScienceLogic vulnerability to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation.

The vulnerability is tracked as CVE-2024-9537 and has a CVSS score of 9.8. The type of vulnerability in the ScienceLogic platform remains unspecified.

ScienceLogic SL1 (formerly EM7) is an IT operations platform for monitoring, analyzing, and automating an organization’s infrastructure, including cloud, networks, and applications. It provides real-time visibility, event correlation, and automated workflows to help manage and optimize IT environments efficiently.

Rackspace, a managed cloud computing (hosting, storage, IT support) company, uses ScienceLogic SL1 to monitor its IT infrastructure and services.

Last month, Rackspace was breached through abuse of this zero-day vulnerability, giving the criminals access to three of Rackspace’s internal monitoring web servers and limited monitoring information: customer account names and numbers, customer usernames, Rackspace internally generated device IDs, names and device information, device IP addresses, and AES256 encrypted Rackspace internal device agent credentials.

Affected versions

CISA has set November 11, 2024, as the deadline for federal agencies to remediate the vulnerability.
