๐Ÿ” CVE Alert

CVE-2024-9537

CRITICAL 9.8 โš ๏ธ CISA KEV

ScienceLogic SL1 unspecified vulnerability

CVSS Score
9.8
EPSS Score
0.0%
EPSS Percentile
0th

ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. The vulnerability is addressed in SL1 versions 12.1.3+, 12.2.3+, and 12.3+. Remediations have been made available for all SL1 versions back to version lines 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x.

Vendor sciencelogic
Product sl1
Published Oct 18, 2024
Last Updated Oct 21, 2025
โš ๏ธ Actively Exploited โ€” Act Now

Get instant alerts for sciencelogic sl1

This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2024-9537.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Affected Versions

ScienceLogic / SL1
0 < 12.1.3 0 < 12.2.3 0 < 12.3 0 < 10.1.x 0 < 10.2.x 0 < 11.1.x 0 < 11.2.x 0 < 11.3.x

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
rackspace.service-now.com: https://rackspace.service-now.com/system_status?id=detailed_status&service=4dafca5a87f41610568b206f8bbb35a6 twitter.com: https://twitter.com/ynezzor/status/1839931641172467907 theregister.com: https://www.theregister.com/2024/09/30/rackspace_zero_day_attack/ arcticwolf.com: https://arcticwolf.com/resources/blog/rackspace-breach-linked-to-zero-day-vulnerability-sciencelogic-sl1s-third-party-utility/ bleepingcomputer.com: https://www.bleepingcomputer.com/news/security/rackspace-monitoring-data-stolen-in-sciencelogic-zero-day-attack/ support.sciencelogic.com: https://support.sciencelogic.com/s/article/15465 support.sciencelogic.com: https://support.sciencelogic.com/s/article/15527 community.sciencelogic.com: https://community.sciencelogic.com/blog/latest-kb-articles-and-known-issues-blog-board/week-of-september-30-2024---latest-kb-articles-and-known-issues-part-1-of-2/1690 cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-9537 cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9537