CVE-2024-56131
Published: 05 February 2025
Summary
CVE-2024-56131 is a high-severity Improper Input Validation (CWE-20) vulnerability in Progress LoadMaster. Its CVSS base score is 8.4 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The vulnerability is ranked at the 20.0th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
SI-10 directly mandates validation of information inputs, comprehensively addressing the improper input validation that enables OS command injection in this CVE.
SI-2 requires identification, reporting, and correction of system flaws, directly mitigating this CVE through vendor-provided patches.
SI-9 restricts types, amounts, and characteristics of inputs, providing complementary protection against command injection payloads.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The OS command injection vulnerability directly enables remote command execution on a network appliance (T1190) via a Unix shell (T1059.004).
NVD Description
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows: OS Command Injection. This issue affects:
Product: Affected Versions
LoadMaster: From 7.2.55.0 to 7.2.60.1 (inclusive); From 7.2.49.0 to 7.2.54.12 (inclusive); 7.2.48.12 and all prior versions
Multi-Tenant Hypervisor: 7.1.35.12 and all prior versions
ECS: All prior versions to 7.2.60.1 (inclusive)
Deeper analysis
CVE-2024-56131 is an improper input validation vulnerability in Progress LoadMaster that enables OS command injection by authenticated users. The vulnerability affects LoadMaster versions 7.2.55.0 through 7.2.60.1 inclusive, 7.2.49.0 through 7.2.54.12 inclusive, and 7.2.48.12 and all prior versions; Multi-Tenant Hypervisor versions 7.1.35.12 and all prior versions; and ECS versions up to and including 7.2.60.1. It is associated with CWE-20 and carries a CVSS v3.1 base score of 8.4 (AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Exploitation requires an attacker with high privileges (PR:H) who is authenticated and positioned on an adjacent network (AV:A). The attack has low complexity and requires no user interaction. Successful exploitation allows OS command injection, yielding high impacts on confidentiality, integrity, and availability with a changed scope (S:C).
Progress has published a security advisory covering CVE-2024-56131 along with related vulnerabilities CVE-2024-56132 through CVE-2024-56135, available at https://community.progress.com/s/article/LoadMaster-Security-Vulnerability-CVE-2024-56131-CVE-2024-56132-CVE-2024-56133-CVE-2024-56134-CVE-2024-56135, which provides details on mitigations and patches.
Details
- CWE(s)