Lucene search
K

72 matches found

Cvelist
Cvelist
added 2024/11/22 8:5 p.m.28 views

CVE-2024-5716 Logsign Unified SecOps Platform Authentication Bypass Vulnerability

Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

8.6CVSS0.01602EPSS
Exploits1References2
CVE
CVE
added 2024/11/22 8:5 p.m.64 views

CVE-2024-5716

CVE-2024-5716 is a Logsign Unified SecOps Platform authentication bypass vulnerability in the password reset flow caused by insufficient rate limiting of reset attempts. Public sources confirm affected software is the Logsign Unified SecOps Platform (pre-6.4.8 per CNNVD) with unauthenticated rese...

9.8CVSS8.9AI score0.01602EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.6 views

LogSign Unified SecOps Platform 操作系统命令注入漏洞

Logsign Unified SecOps Platform is a security operations platform from Logsign, Inc. for collecting, storing, analyzing, and responding to security data from a variety of sources. An operating system command injection vulnerability exists in LogSign Unified SecOps Platform versions prior to 6.4.8...

8.8CVSS9.2AI score0.02973EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.4 views

LogSign Unified SecOps Platform 操作系统命令注入漏洞

Logsign Unified SecOps Platform is a security operations platform from Logsign, Inc. for collecting, storing, analyzing, and responding to security data from a variety of sources. An operating system command injection vulnerability exists in LogSign Unified SecOps Platform versions prior to 6.4.8...

8.8CVSS9.3AI score0.02585EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.3 views

Logsign Unified SecOps Platform 访问控制错误漏洞

Logsign Unified SecOps Platform is a security operations platform from Logsign, Inc. for collecting, storing, analyzing, and responding to security data from a variety of sources. An Access Control Error vulnerability exists in Logsign Unified SecOps Platform versions prior to 6.4.8, which stems...

8.1CVSS8.5AI score0.0583EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/09/26 12:0 a.m.4 views

PT-2024-39516 · Logsign · Logsign Unified Secops Platform

Name of the Vulnerable Software and Affected Versions: Logsign Unified SecOps Platform affected versions not specified Description: This issue allows remote attackers to delete arbitrary files within sensitive directories on affected installations of Logsign Unified SecOps Platform. Authenticatio...

6.5CVSS6.8AI score0.00597EPSS
Exploits0References6
OSV
OSV
added 2024/08/21 4:15 p.m.2 views

CVE-2024-7603

Logsign Unified SecOps Platform Directory Traversal Arbitrary Directory Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary directories on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The...

8.1CVSS5.9AI score0.02016EPSS
Exploits0References2
NVD
NVD
added 2024/08/21 4:15 p.m.19 views

CVE-2024-7604

Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability. This vulnerability allows local attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specific flaw...

7.8CVSS0.00343EPSS
Exploits0References2
NVD
NVD
added 2024/08/21 4:15 p.m.24 views

CVE-2024-7600

Logsign Unified SecOps Platform Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specific flaw...

8.1CVSS0.02016EPSS
Exploits0References2
NVD
NVD
added 2024/08/21 4:15 p.m.24 views

CVE-2024-7602

Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specif...

6.5CVSS0.02382EPSS
Exploits0References2
NVD
NVD
added 2024/08/21 4:15 p.m.25 views

CVE-2024-7601

Logsign Unified SecOps Platform Directory dataexportdeleteall Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerabilit...

8.1CVSS0.01619EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/21 4:6 p.m.16 views

CVE-2024-7604 Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability

Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability. This vulnerability allows local attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specific flaw...

5.1CVSS7AI score0.00343EPSS
Exploits0References2
CVE
CVE
added 2024/08/21 4:6 p.m.85 views

CVE-2024-7604

CVE-2024-7604 affects Logsign Unified SecOps Platform. The issue is an authentication bypass in the HTTP API service (port 443 by default) caused by improper validation of the user’s license expiration date, allowing local attackers to bypass authentication. Descriptions from multiple sources con...

7.8CVSS5.3AI score0.00343EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/08/21 4:6 p.m.29 views

CVE-2024-7603 Logsign Unified SecOps Platform Directory Traversal Arbitrary Directory Deletion Vulnerability

Logsign Unified SecOps Platform Directory Traversal Arbitrary Directory Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary directories on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The...

7.1CVSS0.02016EPSS
Exploits0References2
CVE
CVE
added 2024/08/21 4:6 p.m.89 views

CVE-2024-7603

CVE-2024-7603 affects Logsign Unified SecOps Platform. The vulnerability resides in the HTTP API service (listening on port 443 by default) and stems from insufficient validation of a user-supplied file path used in file operations, enabling a directory-traversal condition that can delete arbitra...

8.1CVSS7AI score0.02016EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/21 4:6 p.m.17 views

CVE-2024-7603 Logsign Unified SecOps Platform Directory Traversal Arbitrary Directory Deletion Vulnerability

Logsign Unified SecOps Platform Directory Traversal Arbitrary Directory Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary directories on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The...

7.1CVSS6.9AI score0.02016EPSS
Exploits0References2
CVE
CVE
added 2024/08/21 4:6 p.m.81 views

CVE-2024-7602

Logsign Unified SecOps Platform contains a Directory Traversal Information Disclosure vulnerability in its HTTP API service (listening on port 443 by default). The flaw arises from insufficient validation of a user-supplied path used in file operations, allowing an attacker to disclose sensitive ...

6.5CVSS6.2AI score0.02382EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/08/21 4:6 p.m.30 views

CVE-2024-7602 Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability

Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specif...

6.5CVSS0.02382EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/21 4:6 p.m.19 views

CVE-2024-7601 Logsign Unified SecOps Platform Directory data_export_delete_all Traversal Arbitrary File Deletion Vulnerability

Logsign Unified SecOps Platform Directory dataexportdeleteall Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerabilit...

7.1CVSS6.9AI score0.01619EPSS
Exploits0References2
CVE
CVE
added 2024/08/21 4:6 p.m.88 views

CVE-2024-7601

CVE-2024-7601 affects Logsign Unified SecOps Platform. The vulnerability resides in the HTTP API service (default port 443) where lack of proper validation of a user-supplied path enables a traversal that can delete arbitrary files in the root context. Exploitation requires authentication, and th...

8.1CVSS7AI score0.01619EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder