CVE-2024-48953

An issue was discovered in Logpoint before 7.5.0. Endpoints for creating, editing, or deleting third-party authentication modules lacked proper authorization checks. This allowed unauthenticated users to register their own authentication plugins in Logpoint, resulting in unauthorized access...

CVE-2024-48950

An issue was discovered in Logpoint before 7.5.0. An endpoint used by Distributed Logpoint Setup was exposed, allowing unauthenticated attackers to bypass CSRF protections and authentication...

CVE-2024-48952

An issue was discovered in Logpoint before 7.5.0. SOAR uses a static JWT secret key to generate tokens that allow access to SOAR API endpoints without authentication. This static key vulnerability enables attackers to create custom JWT secret keys for unauthorized access to these endpoints...

CVE-2024-30176

In Logpoint before 7.4.0, an attacker can enumerate a valid list of usernames by using publicly exposed URLs of shared widgets...

CVE-2024-48954

An issue was discovered in Logpoint before 7.5.0. Unvalidated input during the EventHub Collector setup by an authenticated user leads to Remote Code execution...

CVE-2024-56084

An issue was discovered in Logpoint UniversalNormalizer before 5.7.0. Authenticated users can inject payloads while creating Universal Normalizer. These are executed, leading to Remote Code Execution...

CVE-2024-56086

An issue was discovered in Logpoint before 7.5.0. Authenticated users can inject payloads in Report Templates. These are executed when the backup process is initiated, leading to Remote Code Execution...

CVE-2024-56087

An issue was discovered in Logpoint before 7.5.0. Authenticated users can inject payloads while querying Search Template Dashboard. These are executed, leading to Server-Side Template Injection...

CVE-2024-56085

An issue was discovered in Logpoint before 7.5.0. Authenticated users can inject payloads while creating Search Template Dashboard. These are executed, leading to Server-Side Template Injection...

CVE-2025-26789

An issue was discovered in Logpoint AgentX before 1.5.0. A vulnerability caused by limited access controls allowed li-admin users to access sensitive information about AgentX Manager in a Logpoint deployment...

CVE-2025-26789

An issue was discovered in Logpoint AgentX before 1.5.0. A vulnerability caused by limited access controls allowed li-admin users to access sensitive information about AgentX Manager in a Logpoint deployment...

CVE-2024-36383

An issue was discovered in Logpoint SAML Authentication before 6.0.3. An attacker can place a crafted filename in the state field of a SAML SSO-URL response, and the file corresponding to this filename will ultimately be deleted. This can lead to a SAML Authentication login outage...

Logpoint AgentX 安全漏洞

Logpoint AgentX is a component of a Security Information and Event Management SIEM solution from Logpoint Denmark. A security vulnerability exists in Logpoint AgentX versions prior to 1.5.0 that stems from inadequate access control and allows the li-admin user to access sensitive information...

CVE-2025-26789

An issue was discovered in Logpoint AgentX before 1.5.0. A vulnerability caused by limited access controls allowed li-admin users to access sensitive information about AgentX Manager in a Logpoint deployment...

PT-2025-7239 · Logpoint · Logpoint Agentx

Name of the Vulnerable Software and Affected Versions: Logpoint AgentX versions prior to 1.5.0 Description: An issue was discovered in Logpoint AgentX, where a vulnerability caused by limited access controls allowed li-admin users to access sensitive information about AgentX Manager in a Logpoint...

CVE-2025-26789

An issue was discovered in Logpoint AgentX before 1.5.0. A vulnerability caused by limited access controls allowed li-admin users to access sensitive information about AgentX Manager in a Logpoint deployment...

CVE-2025-26789

CVE-2025-26789 affects Logpoint AgentX prior to 1.5.0. The root cause is inadequate access controls that allow li-admin users to access sensitive information about the AgentX Manager within a Logpoint deployment. Impact is limited to exposure of sensitive information (confidentiality), with no li...

CVE-2022-48685

An issue was discovered in Logpoint 7.1 before 7.1.2. The daily executed cron file cleansecbioldlogs is writable by all users and is executed as root, leading to privilege escalation...

CVE-2022-48684

An issue was discovered in Logpoint before 7.1.1. Template injection was seen in the search template. The search template uses jinja templating for generating dynamic data. This could be abused to achieve code execution. Any user with access to create a search template can leverage this to execut...

CVE-2024-56087

An issue was discovered in Logpoint before 7.5.0. Authenticated users can inject payloads while querying Search Template Dashboard. These are executed, leading to Server-Side Template Injection...