20 matches found
CVE-2024-48951
CVE-2024-48951 concerns Logpoint prior to 7.5.0, where a Server-Side Request Forgery (SSRF) on the SOAR component can be abused to disclose the system’s API token, resulting in authentication bypass. Affected product: Logpoint SOAR within the Logpoint platform (versions
CVE-2024-33858
CVE-2024-33858 affects Logpoint before 7.4.0. A path injection flaw occurs when adding a CSV enrichment source: the source_name parameter can be changed to an absolute path, enabling writing the CSV file to that path inside /tmp. This is a vulnerability in the enrichment source handling and could...
CVE-2024-29865
Logpoint before 7.1.0 is vulnerable to Self-XSS on the LDAP authentication page when the attacker-supplied username is entered into the LDAP login form. Affected software: Logpoint prior to 7.1.0. Root cause: cross-site scripting on the LDAP login page. Impact: Self-XSS; exploitation requires use...
CVE-2024-33857
The CVE-2024-33857 affects Logpoint before 7.4.0. Lack of input validation on URLs in threat intelligence allows a low-privilege attacker to trigger server-side request forgery (SSRF). CVSS v3.1: Critical (9.6) with network access, low attack complexity, low privileges, no user interaction; impac...
CVE-2024-33860
Summary : CVE-2024-33860 affects Logpoint before 7.4.0. A Local File Inclusion (LFI) issue arises when an arbitrary file path is used in the File System Collector, allowing the contents of the specified file to appear in incoming logs. Impact : exposes file contents through log data; scope restri...
CVE-2024-33859
Summary: CVE-2024-33859 affects Logpoint versions prior to 7.4.0. The vulnerability arises from HTML code in logs not being escaped in the “Interesting Field” Web UI, enabling cross‑site scripting (XSS). Affected software: Logpoint before 7.4.0. Root cause: insufficient escaping in the Interestin...
CVE-2024-33856
CVE-2024-33856 affects Logpoint before 7.4.0. An attacker can enumerate valid usernames by observing response times at the Forgot Password endpoint, indicating a timing-based leakage. Impact is account enumeration; no broader impact stated. Remediation: upgrade to Logpoint 7.4.0 or later; as a te...
CVE-2024-30176
CVE-2024-30176 affects Logpoint versions prior to 7.4.0. The issue allows an attacker to enumerate a valid list of usernames by using publicly exposed URLs of shared widgets, representing an information disclosure vulnerability. The root cause is exposure of widget URLs that enable username enume...
CVE-2024-48950
Logpoint prior to 7.5.0 contains a vulnerability where an endpoint used by Distributed Logpoint Setup is exposed, allowing unauthenticated attackers to bypass CSRF protections and authentication. Affected product: Logpoint (versions before 7.5.0). Root cause: exposed endpoint enabling CSRF/auth b...
CVE-2024-48953
CVE-2024-48953 affects Logpoint versions prior to 7.5.0. Unauthenticated users could register their own authentication plugins due to missing authorization checks on endpoints that create, edit, or delete third‑party authentication modules, leading to unauthorized access. Affected product: Logpoi...
CVE-2024-56086
CVE-2024-56086 affects Logpoint pre-7.5.0. An authenticated user can inject payloads into report templates, which are executed during the backup process and lead to Remote Code Execution . Affected component is the report template handling within the Logpoint backup workflow; the root cause is un...
CVE-2022-48685
Logpoint 7.1 before 7.1.2 exposes a privilege-escalation issue: the daily cron file clean_secbi_old_logs is writable by all users and runs as root. Affected: Logpoint before 7.1.2. Impact: local privilege escalation. Mitigation: upgrade to 7.1.2 or later; as a temporary workaround, restrict permi...
CVE-2024-56087
CVE-2024-56087 affects Logpoint prior to 7.5.0. Authenticated users can inject payloads through queries in the Search Template Dashboard, which are then executed and cause Server-Side Template Injection. Affected software: Logpoint before 7.5.0. Root cause: injectable payloads in SSTI-prone dashb...
CVE-2023-49950
Summary (concrete): CVE-2023-49950 affects Logpoint SIEM 6.10.0 through 7.x before 7.3.0. A vulnerability in Jinja templating fails to sanitize log data displayed in the Alert view when using a custom template, allowing a remote attacker to craft an XSS payload and potentially cause sensitive dat...
CVE-2024-48954
CVE-2024-48954 affects Logpoint before 7.5.0. The issue arises from unvalidated input during the EventHub Collector setup by an authenticated user, enabling remote code execution. The description consistently ties the vulnerability to the EventHub Collector setup flow and authenticated input hand...
CVE-2024-56085
Vulnerability overview (CVE-2024-56085) : Logpoint versions before 7.5.0 expose a Server-Side Template Injection (SSTI) in the process of creating a Search Template Dashboard . Authenticated users can inject payloads that are executed on the server side, indicating a flaw in the template renderin...
CVE-2022-48684
Logpoint CVE-2022-48684 affects the Logpoint product prior to 7.1.1. The issue is a template injection in the search template that uses Jinja templating to generate dynamic data, which can be abused to achieve code execution. The impact is described as code execution as the loginspect user. Sever...
CVE-2025-66359
The CVE-2025-66359 issue affects Logpoint before 7.7.0. It is a cross-site scripting (XSS) vulnerability caused by insufficient input validation and lack of output escaping across multiple components. Affected software: Logpoint SIEM prior to 7.7.0. Impact: potential execution of injected scripts...
CVE-2025-66360
Logpoint before 7.7.0 is affected. The issue stems from an improperly configured access control policy that exposes sensitive internal Redis service information to li-admin users, enabling privilege escalation. Affected software: Logpoint SIEM prior to 7.7.0. Root cause: misconfigured access cont...
CVE-2025-66361
CVE-2025-66361 affects Logpoint SIEM prior to 7.7.0. The issue is exposure of sensitive information in System Processes during extended high CPU load. Connected sources (Red Hat, CIRCL, EUVD, NVD, etc.) corroborate the same description. No root-cause technical specifics or remediation steps are p...