A significant security vulnerability (CVE-2024-39717) in Versa Director allows users with elevated privileges to upload potentially malicious files to the system. According to reports from Versa Networks, the flaw is already being actively exploited. The U.S. government agency CISA urges immediate action to mitigate the risks.
| Product | Versa Director |
| Date | 2024-08-29 15:30:52 |
Technical Summary
Versa Networks has issued an urgent advisory regarding a critical vulnerability (CVE-2024-39717) in Versa Director. This vulnerability allowed the upload of potentially malicious files by users with “Provider-Data-Center-Admin” or “Provider-Data-Center-System-Admin” privileges. The Cybersecurity and Infrastructure Security Agency (CISA) is urging immediate action due to evidence of active exploitation in real-world environments.
[Callforaction-THREAT-Footer]
