Lucene search
+L

67 matches found

NVD
NVD
added 2024/11/22 8:15 p.m.22 views

CVE-2024-5718

Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific...

8.1CVSS0.01445EPSS
Exploits0References2
NVD
NVD
added 2024/11/22 8:15 p.m.19 views

CVE-2024-5720

Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Although authentication is required to exploit this vulnerability, the existing...

8.8CVSS0.02585EPSS
Exploits0References2
NVD
NVD
added 2024/11/22 8:15 p.m.20 views

CVE-2024-5722

Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this...

8.8CVSS0.01072EPSS
Exploits0References2
NVD
NVD
added 2024/11/22 8:15 p.m.19 views

CVE-2024-5717

Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Although authentication is required to exploit this vulnerability, the existing...

8.8CVSS0.02973EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/11/22 8:5 p.m.18 views

CVE-2024-5722 Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution Vulnerability

Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this...

8.8CVSS7.8AI score0.01072EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/22 8:5 p.m.30 views

CVE-2024-5722 Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution Vulnerability

Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this...

8.8CVSS0.01072EPSS
Exploits0References2
CVE
CVE
added 2024/11/22 8:5 p.m.92 views

CVE-2024-5722

CVE-2024-5722 describes a remote code execution vulnerability in the Logsign Unified SecOps Platform via the HTTP API, arising from a hard-coded cryptographic key. The flaw enables network-adjacent attackers to execute code with root privileges without authentication. Public references indicate a...

8.8CVSS9.1AI score0.01072EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/22 8:5 p.m.19 views

CVE-2024-5721 Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability

Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific...

8.1CVSS8.7AI score0.0583EPSS
Exploits0References2
CVE
CVE
added 2024/11/22 8:5 p.m.90 views

CVE-2024-5720

Logsign Unified SecOps Platform is affected by a command injection vulnerability in its HTTP API. The flaw stems from insufficient validation of a user-supplied string used to construct a system call, allowing an attacker to execute code with root privileges. Several sources (including ZDI adviso...

8.8CVSS9.2AI score0.02585EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/22 8:5 p.m.14 views

CVE-2024-5720 Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability

Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Although authentication is required to exploit this vulnerability, the existing...

8.8CVSS8.2AI score0.02585EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/22 8:5 p.m.17 views

CVE-2024-5719 Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability

Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Although authentication is required to exploit this vulnerability, the existing...

8.8CVSS8.2AI score0.02585EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/22 8:5 p.m.27 views

CVE-2024-5719 Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability

Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Although authentication is required to exploit this vulnerability, the existing...

8.8CVSS0.02585EPSS
Exploits0References2
CVE
CVE
added 2024/11/22 8:5 p.m.84 views

CVE-2024-5719

CVE-2024-5719 affects Logsign Unified SecOps Platform. The flaw is in the HTTP API implementation where a user-supplied string is not properly validated before being used in a system call, enabling a remote attacker to execute arbitrary code with root privileges. Authentication is required to exp...

8.8CVSS9.2AI score0.02585EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/11/22 8:5 p.m.27 views

CVE-2024-5718 Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability

Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific...

8.1CVSS0.01445EPSS
Exploits0References2
CVE
CVE
added 2024/11/22 8:5 p.m.96 views

CVE-2024-5718

CVE-2024-5718 affects Logsign Unified SecOps Platform. The flaw is in the cluster HTTP API, which can be accessed over the default enabled port 1924 without authentication, allowing an attacker to execute arbitrary code with root privileges. The vulnerability is network-based with high impact and...

8.1CVSS8.7AI score0.01445EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/11/22 8:5 p.m.87 views

CVE-2024-5717

CVE-2024-5717 affects Logsign Unified SecOps Platform. The issue is a command-injection vulnerability in the HTTP API caused by improper validation of user-supplied input, allowing an attacker to execute arbitrary code with root privileges. Exploitation requires authentication, but several source...

8.8CVSS9.2AI score0.02973EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2024/11/22 8:5 p.m.33 views

CVE-2024-5717 Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability

Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Although authentication is required to exploit this vulnerability, the existing...

8.8CVSS0.02973EPSS
Exploits1References2
CVE
CVE
added 2024/11/22 8:5 p.m.66 views

CVE-2024-5716

CVE-2024-5716 is a Logsign Unified SecOps Platform authentication bypass vulnerability in the password reset flow caused by insufficient rate limiting of reset attempts. Public sources confirm affected software is the Logsign Unified SecOps Platform (pre-6.4.8 per CNNVD) with unauthenticated rese...

9.8CVSS8.9AI score0.01602EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2024/11/22 8:5 p.m.32 views

CVE-2024-5716 Logsign Unified SecOps Platform Authentication Bypass Vulnerability

Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

8.6CVSS0.01602EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.4 views

LogSign Unified SecOps Platform 输入验证错误漏洞

Logsign Unified SecOps Platform is a security operations platform from Logsign, Inc. for collecting, storing, analyzing, and responding to security data from a variety of sources. An input validation error vulnerability exists in LogSign Unified SecOps Platform versions prior to 6.4.26, which ste...

6.5CVSS4.9AI score0.00597EPSS
Exploits0References2
Rows per page
Query Builder