[German]Quick note for administrators who use the load balancer LoadMaster from Progress Kemp. The provider has released the next patch for August 2024. The new vulnerability CVE-2024-6658 is to be closed. There are currently no details for the public.
What is Progress Kemp?
Progress Kemp offers the load balancer LoadMaster, which is designed to provide load balancing in networks. In its simplest form, a load balancer allows application users to be routed to the most powerful and accessible server.
Next vulnerability CVE-2024-6658
I don't know who still uses the Progress Kemp LoadMaster (load balancer). The part is mutating into a walking vulnerability. On August 20, 2024, I reported on the vulnerability CVE-2024-7591 in the article Vulnerability CVE-2024-7591 in Progress Kemp LoadMaster (Load-Balancer). It was said that it should be patched – so far nothing has been made public in terms of details.
I have now come across the next warning from August 29, 2024 regarding the vulnerability CVE-2024-6658. Details will be published on September 12, 2024, but registered users should have received details of the vulnerability in the rancid software.
Administrators using the product should update immediately. But wait, there is currently only a patch for LoadMaster, which is the software. Version 7.2.55.0 to version 7.2.60.1. There are no updates yet for older versions and the multi-tenant LoadMaster.