9621 Agnes Crossing, Lake Suzanneview, New Mexico Island 84604-9295.
Cloud hosting company Rackspace has been hit by a zero-day vulnerability in a monitoring dashboard operated by ScienceLogic that Rackspace hosts on its internal web servers. According to
Cloud hosting company Rackspace has been hit by a zero-day vulnerability in a monitoring dashboard operated by ScienceLogic that Rackspace hosts on its internal web servers.
According to The Register, Rackspace has informed its customers that intruders have exploited a zero-day bug in a third-party application the company uses on its internal web servers. Rackspace hosts a ScienceLogic-powered monitoring dashboard for its customers that is now reportedly being exploited due to a zero-day vulnerability. Criminals thus gained access to customer information relevant to surveillance. This forced Rackspace to temporarily take its monitoring dashboard offline for customers. Rackspace and ScienceLogic have already informed their customers.
Cloud hosting company Rackspace’s internal monitoring web servers are said to have been affected by a zero-day. Rackspace would host a ScienceLogic-powered monitoring dashboard for its customers on its own internal web servers. These servers contained a program bundled with ScienceLogic’s software. This program is said to have been misused by attackers due to a zero-day vulnerability. This gave the criminals access to the web servers, where they could obtain surveillance-relevant customer information before it was discovered.
“On September 24, 2024, Rackspace discovered a zero-day remote code execution vulnerability in a non-Rackspace utility packaged and delivered with the third-party ScienceLogic application,” a Rackspace spokesperson told The Register.
“By exploiting this zero-day vulnerability, the criminals gained access to three of Rackspace’s internal monitoring web servers and some limited monitoring information,” the Rackspace spokesperson continued. “Customer performance monitoring was not affected by this event. The only impact for customers was that they were unable to access the associated monitoring dashboard. There was no further disruption to customer service as a result of this incident.”
A letter from Rackspace to its customers, seen by The Register, provides more information about what data the criminals were able to view. This includes customer account names and numbers, customer usernames, Rackspace internally generated device IDs, names and device information, device IP addresses, and AES256 encrypted internal Rackspace device agent credentials.
Both Rackspace and ScienceLogic have notified their customers of this incident. According to Rackspace, no other Rackspace products, platforms, solutions or businesses were affected by this event.
Source: IT Daily
As an experienced journalist and author, Mary has been reporting on the latest news and trends for over 5 years. With a passion for uncovering the stories behind the headlines, Mary has earned a reputation as a trusted voice in the world of journalism. Her writing style is insightful, engaging and thought-provoking, as she takes a deep dive into the most pressing issues of our time.
