Lucene search
K
LogpointSiem

20 matches found

CVE
CVE
added 2024/11/07 12:0 a.m.85 views

CVE-2024-48951

CVE-2024-48951 concerns Logpoint prior to 7.5.0, where a Server-Side Request Forgery (SSRF) on the SOAR component can be abused to disclose the system’s API token, resulting in authentication bypass. Affected product: Logpoint SOAR within the Logpoint platform (versions

7.5CVSS7.3AI score0.00312EPSS
CVE
CVE
added 2024/05/07 12:0 a.m.72 views

CVE-2024-33858

CVE-2024-33858 affects Logpoint before 7.4.0. A path injection flaw occurs when adding a CSV enrichment source: the source_name parameter can be changed to an absolute path, enabling writing the CSV file to that path inside /tmp. This is a vulnerability in the enrichment source handling and could...

5.3CVSS7AI score0.00487EPSS
CVE
CVE
added 2024/03/22 12:0 a.m.68 views

CVE-2024-29865

Logpoint before 7.1.0 is vulnerable to Self-XSS on the LDAP authentication page when the attacker-supplied username is entered into the LDAP login form. Affected software: Logpoint prior to 7.1.0. Root cause: cross-site scripting on the LDAP login page. Impact: Self-XSS; exploitation requires use...

5.4CVSS7AI score0.00307EPSS
CVE
CVE
added 2024/05/07 12:0 a.m.65 views

CVE-2024-33857

The CVE-2024-33857 affects Logpoint before 7.4.0. Lack of input validation on URLs in threat intelligence allows a low-privilege attacker to trigger server-side request forgery (SSRF). CVSS v3.1: Critical (9.6) with network access, low attack complexity, low privileges, no user interaction; impac...

9.6CVSS6.7AI score0.00396EPSS
CVE
CVE
added 2024/05/07 12:0 a.m.65 views

CVE-2024-33860

Summary : CVE-2024-33860 affects Logpoint before 7.4.0. A Local File Inclusion (LFI) issue arises when an arbitrary file path is used in the File System Collector, allowing the contents of the specified file to appear in incoming logs. Impact : exposes file contents through log data; scope restri...

6.5CVSS6.9AI score0.00446EPSS
CVE
CVE
added 2024/05/07 12:0 a.m.60 views

CVE-2024-33859

Summary: CVE-2024-33859 affects Logpoint versions prior to 7.4.0. The vulnerability arises from HTML code in logs not being escaped in the “Interesting Field” Web UI, enabling cross‑site scripting (XSS). Affected software: Logpoint before 7.4.0. Root cause: insufficient escaping in the Interestin...

6.1CVSS6.8AI score0.00311EPSS
CVE
CVE
added 2024/05/01 12:0 a.m.58 views

CVE-2024-30176

CVE-2024-30176 affects Logpoint versions prior to 7.4.0. The issue allows an attacker to enumerate a valid list of usernames by using publicly exposed URLs of shared widgets, representing an information disclosure vulnerability. The root cause is exposure of widget URLs that enable username enume...

5.3CVSS6.8AI score0.0038EPSS
CVE
CVE
added 2024/05/07 12:0 a.m.57 views

CVE-2024-33856

CVE-2024-33856 affects Logpoint before 7.4.0. An attacker can enumerate valid usernames by observing response times at the Forgot Password endpoint, indicating a timing-based leakage. Impact is account enumeration; no broader impact stated. Remediation: upgrade to Logpoint 7.4.0 or later; as a te...

5.3CVSS6.8AI score0.0038EPSS
CVE
CVE
added 2024/11/07 12:0 a.m.57 views

CVE-2024-48950

Logpoint prior to 7.5.0 contains a vulnerability where an endpoint used by Distributed Logpoint Setup is exposed, allowing unauthenticated attackers to bypass CSRF protections and authentication. Affected product: Logpoint (versions before 7.5.0). Root cause: exposed endpoint enabling CSRF/auth b...

7.5CVSS7.2AI score0.0032EPSS
CVE
CVE
added 2024/11/07 12:0 a.m.57 views

CVE-2024-48953

CVE-2024-48953 affects Logpoint versions prior to 7.5.0. Unauthenticated users could register their own authentication plugins due to missing authorization checks on endpoints that create, edit, or delete third‑party authentication modules, leading to unauthorized access. Affected product: Logpoi...

7.5CVSS7.1AI score0.00317EPSS
CVE
CVE
added 2024/12/16 12:0 a.m.55 views

CVE-2024-56086

CVE-2024-56086 affects Logpoint pre-7.5.0. An authenticated user can inject payloads into report templates, which are executed during the backup process and lead to Remote Code Execution . Affected component is the report template handling within the Logpoint backup workflow; the root cause is un...

7.1CVSS6.9AI score0.00399EPSS
CVE
CVE
added 2024/04/27 12:0 a.m.54 views

CVE-2022-48685

Logpoint 7.1 before 7.1.2 exposes a privilege-escalation issue: the daily cron file clean_secbi_old_logs is writable by all users and runs as root. Affected: Logpoint before 7.1.2. Impact: local privilege escalation. Mitigation: upgrade to 7.1.2 or later; as a temporary workaround, restrict permi...

7.7CVSS6.8AI score0.00166EPSS
CVE
CVE
added 2024/11/07 12:0 a.m.52 views

CVE-2024-48954

CVE-2024-48954 affects Logpoint before 7.5.0. The issue arises from unvalidated input during the EventHub Collector setup by an authenticated user, enabling remote code execution. The description consistently ties the vulnerability to the EventHub Collector setup flow and authenticated input hand...

6.4CVSS7.3AI score0.00418EPSS
CVE
CVE
added 2024/12/16 12:0 a.m.52 views

CVE-2024-56087

CVE-2024-56087 affects Logpoint prior to 7.5.0. Authenticated users can inject payloads through queries in the Search Template Dashboard, which are then executed and cause Server-Side Template Injection. Affected software: Logpoint before 7.5.0. Root cause: injectable payloads in SSTI-prone dashb...

5.9CVSS6.5AI score0.00283EPSS
CVE
CVE
added 2024/02/03 12:0 a.m.51 views

CVE-2023-49950

Summary (concrete): CVE-2023-49950 affects Logpoint SIEM 6.10.0 through 7.x before 7.3.0. A vulnerability in Jinja templating fails to sanitize log data displayed in the Alert view when using a custom template, allowing a remote attacker to craft an XSS payload and potentially cause sensitive dat...

5.4CVSS5.3AI score0.00505EPSS
CVE
CVE
added 2024/12/16 12:0 a.m.51 views

CVE-2024-56085

Vulnerability overview (CVE-2024-56085) : Logpoint versions before 7.5.0 expose a Server-Side Template Injection (SSTI) in the process of creating a Search Template Dashboard . Authenticated users can inject payloads that are executed on the server side, indicating a flaw in the template renderin...

5.9CVSS6.5AI score0.00283EPSS
CVE
CVE
added 2024/04/27 12:0 a.m.48 views

CVE-2022-48684

Logpoint CVE-2022-48684 affects the Logpoint product prior to 7.1.1. The issue is a template injection in the search template that uses Jinja templating to generate dynamic data, which can be abused to achieve code execution. The impact is described as code execution as the loginspect user. Sever...

8.8CVSS7.6AI score0.00639EPSS
CVE
CVE
added 2025/11/27 12:0 a.m.13 views

CVE-2025-66359

The CVE-2025-66359 issue affects Logpoint before 7.7.0. It is a cross-site scripting (XSS) vulnerability caused by insufficient input validation and lack of output escaping across multiple components. Affected software: Logpoint SIEM prior to 7.7.0. Impact: potential execution of injected scripts...

8.5CVSS5.6AI score0.0016EPSS
CVE
CVE
added 2025/11/27 12:0 a.m.12 views

CVE-2025-66360

Logpoint before 7.7.0 is affected. The issue stems from an improperly configured access control policy that exposes sensitive internal Redis service information to li-admin users, enabling privilege escalation. Affected software: Logpoint SIEM prior to 7.7.0. Root cause: misconfigured access cont...

8.8CVSS6.3AI score0.00258EPSS
CVE
CVE
added 2025/11/27 12:0 a.m.10 views

CVE-2025-66361

CVE-2025-66361 affects Logpoint SIEM prior to 7.7.0. The issue is exposure of sensitive information in System Processes during extended high CPU load. Connected sources (Red Hat, CIRCL, EUVD, NVD, etc.) corroborate the same description. No root-cause technical specifics or remediation steps are p...

6.9CVSS6.3AI score0.00249EPSS