This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

CVE-2024-7528 not closing on Rapid7/Nexpose scans for Windows Server 2012 R2

  • 2 tontu
  • 0 am na jafe-jafe bii
  • i mujjee tontu mooy Chris C

more options

CVE-2024-7528 is not closing on Rapid7/Nexpose re-scans for Windows 2012 R2 Servers. When the latest ESR package for Windows 2012 R2 is applied the vulnerability remains open even when using ESR version 115.17.0.

When I check the NVD it looks like the only vulnerable versions are <115.7.0. https://nvd.nist.gov/vuln/detail/CVE-2024-7528#range-13199073

Is this vulnerability resolved in any released version of ESR? In browsing the release notes for the past few ESR releases I'm not seeing it mentioned so curious if it's

CVE-2024-7528 is not closing on Rapid7/Nexpose re-scans for Windows 2012 R2 Servers. When the latest ESR package for Windows 2012 R2 is applied the vulnerability remains open even when using ESR version 115.17.0. When I check the NVD it looks like the only vulnerable versions are <115.7.0. https://nvd.nist.gov/vuln/detail/CVE-2024-7528#range-13199073 Is this vulnerability resolved in any released version of ESR? In browsing the release notes for the past few ESR releases I'm not seeing it mentioned so curious if it's

All Replies (2)

more options

This was not an issue in the 115 ESR. The bug that caused it landed in Firefox 127.

Helpful?

more options

Thanks Mike! I'm guessing its an issue with the scanner misidentifying which versions are effected by that CVE.

Helpful?

Laajal dara

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.