67 matches found
CVE-2024-5718
Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific...
CVE-2024-5720
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Although authentication is required to exploit this vulnerability, the existing...
CVE-2024-5722
Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this...
CVE-2024-5717
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Although authentication is required to exploit this vulnerability, the existing...
CVE-2024-5722 Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution Vulnerability
Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this...
CVE-2024-5722 Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution Vulnerability
Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this...
CVE-2024-5722
CVE-2024-5722 describes a remote code execution vulnerability in the Logsign Unified SecOps Platform via the HTTP API, arising from a hard-coded cryptographic key. The flaw enables network-adjacent attackers to execute code with root privileges without authentication. Public references indicate a...
CVE-2024-5721 Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability
Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific...
CVE-2024-5720
Logsign Unified SecOps Platform is affected by a command injection vulnerability in its HTTP API. The flaw stems from insufficient validation of a user-supplied string used to construct a system call, allowing an attacker to execute code with root privileges. Several sources (including ZDI adviso...
CVE-2024-5720 Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Although authentication is required to exploit this vulnerability, the existing...
CVE-2024-5719 Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Although authentication is required to exploit this vulnerability, the existing...
CVE-2024-5719 Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Although authentication is required to exploit this vulnerability, the existing...
CVE-2024-5719
CVE-2024-5719 affects Logsign Unified SecOps Platform. The flaw is in the HTTP API implementation where a user-supplied string is not properly validated before being used in a system call, enabling a remote attacker to execute arbitrary code with root privileges. Authentication is required to exp...
CVE-2024-5718 Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability
Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific...
CVE-2024-5718
CVE-2024-5718 affects Logsign Unified SecOps Platform. The flaw is in the cluster HTTP API, which can be accessed over the default enabled port 1924 without authentication, allowing an attacker to execute arbitrary code with root privileges. The vulnerability is network-based with high impact and...
CVE-2024-5717
CVE-2024-5717 affects Logsign Unified SecOps Platform. The issue is a command-injection vulnerability in the HTTP API caused by improper validation of user-supplied input, allowing an attacker to execute arbitrary code with root privileges. Exploitation requires authentication, but several source...
CVE-2024-5717 Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Although authentication is required to exploit this vulnerability, the existing...
CVE-2024-5716
CVE-2024-5716 is a Logsign Unified SecOps Platform authentication bypass vulnerability in the password reset flow caused by insufficient rate limiting of reset attempts. Public sources confirm affected software is the Logsign Unified SecOps Platform (pre-6.4.8 per CNNVD) with unauthenticated rese...
CVE-2024-5716 Logsign Unified SecOps Platform Authentication Bypass Vulnerability
Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
LogSign Unified SecOps Platform 输入验证错误漏洞
Logsign Unified SecOps Platform is a security operations platform from Logsign, Inc. for collecting, storing, analyzing, and responding to security data from a variety of sources. An input validation error vulnerability exists in LogSign Unified SecOps Platform versions prior to 6.4.26, which ste...