An update for aops-zeus is now available for openEuler-22.03-LTS-SP2 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2024-1294 Final 1.0 1.0 2024-03-15 Initial 2024-03-15 2024-03-15 openEuler SA Tool V1.0 2024-03-15 aops-zeus security update An update for aops-zeus is now available for openEuler-22.03-LTS-SP2. A host and user manager service which is the foundation of aops. Security Fix(es): In aops-zeus software versions 1.2.0~1.4.1, there is a vulnerability in the plugin management command of the zeus/conf/constant file. Through this vulnerability, an attacker can implant arbitrary commands to be executed on the remote host, which may cause the remote host system to crash, suffering serious consequences of security threats and losses.(CVE-2024-24899) An update for aops-zeus is now available for openEuler-22.03-LTS-SP2. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High aops-zeus https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1294 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2024-24899 https://nvd.nist.gov/vuln/detail/CVE-2024-24899 openEuler-22.03-LTS-SP2 aops-zeus-v1.2.1-3.oe2203sp2.aarch64.rpm aops-zeus-v1.2.1-3.oe2203sp2.src.rpm aops-zeus-v1.2.1-3.oe2203sp2.x86_64.rpm In aops-zeus software versions 1.2.0~1.4.1, there is a vulnerability in the plugin management command of the zeus/conf/constant file. Through this vulnerability, an attacker can implant arbitrary commands to be executed on the remote host, which may cause the remote host system to crash, suffering serious consequences of security threats and losses. 2024-03-15 CVE-2024-24899 openEuler-22.03-LTS-SP2 High 7.2 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H aops-zeus security update 2024-03-15 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1294