162 matches found
CVE-2024-5718 Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability
Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific...
CVE-2024-5718
CVE-2024-5718 affects Logsign Unified SecOps Platform. The flaw is in the cluster HTTP API, which can be accessed over the default enabled port 1924 without authentication, allowing an attacker to execute arbitrary code with root privileges. The vulnerability is network-based with high impact and...
CVE-2024-5717
CVE-2024-5717 affects Logsign Unified SecOps Platform. The issue is a command-injection vulnerability in the HTTP API caused by improper validation of user-supplied input, allowing an attacker to execute arbitrary code with root privileges. Exploitation requires authentication, but several source...
CVE-2024-5717 Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Logsign Unified SecOps Platform. Although authentication is required to exploit this vulnerability, the existing...
CVE-2024-5716 Logsign Unified SecOps Platform Authentication Bypass Vulnerability
Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2024-5716
CVE-2024-5716 is a Logsign Unified SecOps Platform authentication bypass vulnerability in the password reset flow caused by insufficient rate limiting of reset attempts. Public sources confirm affected software is the Logsign Unified SecOps Platform (pre-6.4.8 per CNNVD) with unauthenticated rese...
LogSign Unified SecOps Platform 操作系统命令注入漏洞
Logsign Unified SecOps Platform is a security operations platform from Logsign, Inc. for collecting, storing, analyzing, and responding to security data from a variety of sources. An operating system command injection vulnerability exists in LogSign Unified SecOps Platform versions prior to 6.4.8...
Logsign Unified SecOps Platform 安全漏洞
Logsign Unified SecOps Platform is a security operations platform from Logsign, Inc. for collecting, storing, analyzing, and responding to security data from a variety of sources. A security vulnerability exists in Logsign Unified SecOps Platform versions prior to 6.4.8 that stems from the use of...
LogSign Unified SecOps Platform 操作系统命令注入漏洞
Logsign Unified SecOps Platform is a security operations platform from Logsign, Inc. for collecting, storing, analyzing, and responding to security data from a variety of sources. An operating system command injection vulnerability exists in LogSign Unified SecOps Platform versions prior to 6.4.8...
Logsign Unified SecOps Platform 访问控制错误漏洞
Logsign Unified SecOps Platform is a security operations platform from Logsign, Inc. for collecting, storing, analyzing, and responding to security data from a variety of sources. An Access Control Error vulnerability exists in Logsign Unified SecOps Platform versions prior to 6.4.8, which stems...
LogSign Unified SecOps Platform 输入验证错误漏洞
Logsign Unified SecOps Platform is a security operations platform from Logsign, Inc. for collecting, storing, analyzing, and responding to security data from a variety of sources. An input validation error vulnerability exists in LogSign Unified SecOps Platform versions prior to 6.4.26, which ste...
PT-2024-39516 · Logsign · Logsign Unified Secops Platform
Name of the Vulnerable Software and Affected Versions: Logsign Unified SecOps Platform affected versions not specified Description: This issue allows remote attackers to delete arbitrary files within sensitive directories on affected installations of Logsign Unified SecOps Platform. Authenticatio...
Logsign Unified SecOps Platform delete_gsuite_key_file Input Validation Arbitrary File Deletion Vulnerability
This vulnerability allows remote attackers to delete arbitrary files within sensitive directories on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specific flaw exists within the deletegsuitekeyfile endpoint. The issue...
Three Recommendations for Creating a Risk-Based Detection and Response Program
It should come as little surprise to most security professionals that keeping pace with the evolution of threat actors has become harder and harder. Maintaining visibility into the threat landscape and on top of external risk vectors is more than a matter of incorporating more point solutions. It...
CVE-2024-7603
Logsign Unified SecOps Platform Directory Traversal Arbitrary Directory Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary directories on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The...
CVE-2024-7604
Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability. This vulnerability allows local attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specific flaw...
CVE-2024-7602
Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specif...
CVE-2024-7600
Logsign Unified SecOps Platform Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specific flaw...
CVE-2024-7601
Logsign Unified SecOps Platform Directory dataexportdeleteall Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerabilit...
CVE-2024-7600
Logsign Unified SecOps Platform Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specific flaw...