OESA-2024-1293

See a problem?
Please try reporting it to the source first.

Source

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1293

Import Source

https://repo.openeuler.org/security/data/osv/OESA-2024-1293.json

JSON Data

https://api.osv.dev/v1/vulns/OESA-2024-1293

Upstream

CVE-2024-24899

Published

2024-03-15T11:07:14Z

Modified

2025-09-03T06:20:05.698965Z

Summary

aops-zeus security update

Details

A host and user manager service which is the foundation of aops.

Security Fix(es):

In aops-zeus software versions 1.2.0~1.4.1, there is a vulnerability in the plugin management command of the zeus/conf/constant file. Through this vulnerability, an attacker can implant arbitrary commands to be executed on the remote host, which may cause the remote host system to crash, suffering serious consequences of security threats and losses.(CVE-2024-24899)

Database specific

{
    "severity": "High"
}

References

Affected packages

openEuler:22.03-LTS-SP1 / aops-zeus

Package

Name: aops-zeus
Purl: pkg:rpm/openEuler/aops-zeus&distro=openEuler-22.03-LTS-SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

v1.2.0-5.oe2203sp1

Ecosystem specific

{
    "src": [
        "aops-zeus-v1.2.0-5.oe2203sp1.src.rpm"
    ],
    "aarch64": [
        "aops-zeus-v1.2.0-5.oe2203sp1.aarch64.rpm"
    ],
    "x86_64": [
        "aops-zeus-v1.2.0-5.oe2203sp1.x86_64.rpm"
    ]
}

Database specific

source

"https://repo.openeuler.org/security/data/osv/OESA-2024-1293.json"