Siem Security Vulnerabilities and Issues — Siem CVE List

Lucene search

LogpointSiem

5 matches found

CVE•added 2024/11/07 5:15 p.m.•73 views

CVE-2024-48951

An issue was discovered in Logpoint before 7.5.0. Server-Side Request Forgery (SSRF) on SOAR can be used to leak Logpoint's API Token leading to authentication bypass.

7.5CVSS7.3AI score0.00065EPSS

CVE•added 2024/11/07 5:15 p.m.•42 views

CVE-2024-48950

An issue was discovered in Logpoint before 7.5.0. An endpoint used by Distributed Logpoint Setup was exposed, allowing unauthenticated attackers to bypass CSRF protections and authentication.

7.5CVSS7.2AI score0.001EPSS

CVE•added 2024/12/16 6:15 a.m.•42 views

CVE-2024-56086

An issue was discovered in Logpoint before 7.5.0. Authenticated users can inject payloads in Report Templates. These are executed when the backup process is initiated, leading to Remote Code Execution.

7.1CVSS6.9AI score0.00181EPSS

CVE•added 2024/04/27 11:15 p.m.•41 views

CVE-2022-48685

An issue was discovered in Logpoint 7.1 before 7.1.2. The daily executed cron file clean_secbi_old_logs is writable by all users and is executed as root, leading to privilege escalation.

7.7CVSS6.8AI score0.00029EPSS

CVE•added 2024/11/07 5:15 p.m.•41 views

CVE-2024-48953

An issue was discovered in Logpoint before 7.5.0. Endpoints for creating, editing, or deleting third-party authentication modules lacked proper authorization checks. This allowed unauthenticated users to register their own authentication plugins in Logpoint, resulting in unauthorized access.

7.5CVSS7.1AI score0.00078EPSS