On September 24, 2024, Rackspace discovered a zero-day remote code execution vulnerability in a non-Rackspace utility, that is packaged and delivered alongside the third-party ScienceLogic application.
Abusing this vulnerability gave the criminals access to three of Rackspace's internal monitoring webservers, and some limited monitoring information. However, customer performance monitoring was not impacted by this event.
The only impact to customers was the inability to access their associated monitoring dashboard. There was no other customer service disruption as a result of this event.
The letter customers received says there is no need for them to take any remediation steps, but 'in an abundance of caution, we commenced rotation of internal device agent credentials'.
[
Collection
]
[
|
...
]