September 23, 2024 at 07:55AM
Versa Networks has issued patches for a vulnerability (CVE-2024-45229) in Versa Director, a virtualization and service creation platform. The flaw in the REST API could expose authentication tokens, with potential exploitation leading to network management. Versa advises immediate updates for affected software versions and reassures no known exploitations in production systems. CISA has urged organizations to apply the updates promptly.
The meeting notes highlight the announcement of patches by Versa Networks for a vulnerability in the Versa Director platform. Tracked as CVE-2024-45229, the vulnerability affects the REST API and could lead to exposure of authentication tokens. Versa recommends updating to the latest releases for affected Director versions and emphasizes that the vulnerability is not exploitable on Versa Directors not exposed to the internet. Furthermore, the US cybersecurity agency CISA has urged organizations to apply the necessary updates and look for any malicious activity in their environments.