Vulnerabilities > CVE-2024-6121 - Unspecified vulnerability in NI Flexlogger and Systemlink

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

NVD

Published: 2024-07-22

Updated: 2024-11-21

Summary

An out-of-date version of Redis shipped with NI SystemLink Server is susceptible to multiple vulnerabilities, including CVE-2022-24834. This affects NI SystemLink Server 2024 Q1 and prior versions. It also affects NI FlexLogger 2023 Q2 and prior versions which installed this shared service.

Vulnerable Configurations

Part	Description	Count
Application	Ni NI Flexlogger 2023 NI Flexlogger 2018 NI Flexlogger 2019 NI Flexlogger 2020 NI Flexlogger 2021 NI Flexlogger 2022 NI Systemlink 2020 NI Systemlink 2022 NI Systemlink 2024	26

References

https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/ni-systemlink-server-ships-out-of-date-redis-version.html
https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/ni-systemlink-server-ships-out-of-date-redis-version.html