Lucene search
K

162 matches found

Vulnrichment
Vulnrichment
added 2024/11/22 8:5 p.m.15 views

CVE-2024-5718 Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability

Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific...

8.1CVSS8.7AI score0.01445EPSS
Exploits0References2
CVE
CVE
added 2024/11/22 8:5 p.m.90 views

CVE-2024-5718

CVE-2024-5718 affects Logsign Unified SecOps Platform. The flaw is in the cluster HTTP API, which can be accessed over the default enabled port 1924 without authentication, allowing an attacker to execute arbitrary code with root privileges. The vulnerability is network-based with high impact and...

8.1CVSS8.7AI score0.01445EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/11/22 8:5 p.m.83 views

CVE-2024-5717

CVE-2024-5717 affects Logsign Unified SecOps Platform. The issue is a command-injection vulnerability in the HTTP API caused by improper validation of user-supplied input, allowing an attacker to execute arbitrary code with root privileges. Exploitation requires authentication, but several source...

8.8CVSS9.2AI score0.02973EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2024/11/22 8:5 p.m.28 views

CVE-2024-5717 Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability

Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Although authentication is required to exploit this vulnerability, the existing...

8.8CVSS0.02973EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/11/22 8:5 p.m.27 views

CVE-2024-5716 Logsign Unified SecOps Platform Authentication Bypass Vulnerability

Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

8.6CVSS0.01602EPSS
Exploits1References2
CVE
CVE
added 2024/11/22 8:5 p.m.60 views

CVE-2024-5716

CVE-2024-5716 is a Logsign Unified SecOps Platform authentication bypass vulnerability in the password reset flow caused by insufficient rate limiting of reset attempts. Public sources confirm affected software is the Logsign Unified SecOps Platform (pre-6.4.8 per CNNVD) with unauthenticated rese...

9.8CVSS8.9AI score0.01602EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.6 views

LogSign Unified SecOps Platform 操作系统命令注入漏洞

Logsign Unified SecOps Platform is a security operations platform from Logsign, Inc. for collecting, storing, analyzing, and responding to security data from a variety of sources. An operating system command injection vulnerability exists in LogSign Unified SecOps Platform versions prior to 6.4.8...

8.8CVSS9.2AI score0.02973EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.5 views

Logsign Unified SecOps Platform 安全漏洞

Logsign Unified SecOps Platform is a security operations platform from Logsign, Inc. for collecting, storing, analyzing, and responding to security data from a variety of sources. A security vulnerability exists in Logsign Unified SecOps Platform versions prior to 6.4.8 that stems from the use of...

8.8CVSS9.1AI score0.01072EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.4 views

LogSign Unified SecOps Platform 操作系统命令注入漏洞

Logsign Unified SecOps Platform is a security operations platform from Logsign, Inc. for collecting, storing, analyzing, and responding to security data from a variety of sources. An operating system command injection vulnerability exists in LogSign Unified SecOps Platform versions prior to 6.4.8...

8.8CVSS9.3AI score0.02585EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.3 views

Logsign Unified SecOps Platform 访问控制错误漏洞

Logsign Unified SecOps Platform is a security operations platform from Logsign, Inc. for collecting, storing, analyzing, and responding to security data from a variety of sources. An Access Control Error vulnerability exists in Logsign Unified SecOps Platform versions prior to 6.4.8, which stems...

8.1CVSS8.5AI score0.0583EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.4 views

LogSign Unified SecOps Platform 输入验证错误漏洞

Logsign Unified SecOps Platform is a security operations platform from Logsign, Inc. for collecting, storing, analyzing, and responding to security data from a variety of sources. An input validation error vulnerability exists in LogSign Unified SecOps Platform versions prior to 6.4.26, which ste...

6.5CVSS4.9AI score0.00597EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/09/26 12:0 a.m.4 views

PT-2024-39516 · Logsign · Logsign Unified Secops Platform

Name of the Vulnerable Software and Affected Versions: Logsign Unified SecOps Platform affected versions not specified Description: This issue allows remote attackers to delete arbitrary files within sensitive directories on affected installations of Logsign Unified SecOps Platform. Authenticatio...

6.5CVSS6.8AI score0.00597EPSS
Exploits0References6
Zero Day Initiative
Zero Day Initiative
added 2024/09/26 12:0 a.m.7 views

Logsign Unified SecOps Platform delete_gsuite_key_file Input Validation Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary files within sensitive directories on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specific flaw exists within the deletegsuitekeyfile endpoint. The issue...

4.3CVSS6.6AI score0.00597EPSS
Exploits0References1
Rapid7 Blog
Rapid7 Blog
added 2024/09/24 1:0 p.m.11 views

Three Recommendations for Creating a Risk-Based Detection and Response Program

It should come as little surprise to most security professionals that keeping pace with the evolution of threat actors has become harder and harder. Maintaining visibility into the threat landscape and on top of external risk vectors is more than a matter of incorporating more point solutions. It...

6.8AI score
Exploits0
OSV
OSV
added 2024/08/21 4:15 p.m.2 views

CVE-2024-7603

Logsign Unified SecOps Platform Directory Traversal Arbitrary Directory Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary directories on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The...

8.1CVSS5.9AI score0.02016EPSS
Exploits0References2
NVD
NVD
added 2024/08/21 4:15 p.m.19 views

CVE-2024-7604

Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability. This vulnerability allows local attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specific flaw...

7.8CVSS0.00343EPSS
Exploits0References2
NVD
NVD
added 2024/08/21 4:15 p.m.23 views

CVE-2024-7602

Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specif...

6.5CVSS0.02382EPSS
Exploits0References2
OSV
OSV
added 2024/08/21 4:15 p.m.6 views

CVE-2024-7600

Logsign Unified SecOps Platform Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specific flaw...

8.1CVSS5.9AI score0.02016EPSS
Exploits0References2
NVD
NVD
added 2024/08/21 4:15 p.m.25 views

CVE-2024-7601

Logsign Unified SecOps Platform Directory dataexportdeleteall Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerabilit...

8.1CVSS0.01619EPSS
Exploits0References2
NVD
NVD
added 2024/08/21 4:15 p.m.23 views

CVE-2024-7600

Logsign Unified SecOps Platform Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specific flaw...

8.1CVSS0.02016EPSS
Exploits0References2
Rows per page
Query Builder