Vulnerabilites related to logsign - unified_secops_platform
cve-2024-7564
Vulnerability from cvelistv5
Published
2024-08-06 15:47
Modified
2024-08-07 13:34
Severity ?
EPSS score ?
Summary
Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.
The specific flaw exists within the get_response_json_result endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-24680.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-1021/ | x_research-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Logsign | Unified SecOps Platform |
Version: 6.4.11 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7564",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T13:33:35.480677Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T13:34:22.057Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Unified SecOps Platform",
"vendor": "Logsign",
"versions": [
{
"status": "affected",
"version": "6.4.11"
}
]
}
],
"dateAssigned": "2024-08-06T10:47:33.834-05:00",
"datePublic": "2024-07-30T14:22:06.070-05:00",
"descriptions": [
{
"lang": "en",
"value": "Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the get_response_json_result endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-24680."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T15:47:49.467Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1021",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1021/"
}
],
"source": {
"lang": "en",
"value": "Abdessamad Lahlali and Smile Thanapattheerakul of Trend Micro"
},
"title": "Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-7564",
"datePublished": "2024-08-06T15:47:49.467Z",
"dateReserved": "2024-08-06T15:47:33.796Z",
"dateUpdated": "2024-08-07T13:34:22.057Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-7604
Vulnerability from cvelistv5
Published
2024-08-21 16:06
Modified
2024-08-21 19:55
Severity ?
EPSS score ?
Summary
Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability. This vulnerability allows local attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.
The specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of the user's license expiration date. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25029.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-1104/ | x_research-advisory | |
| https://support.logsign.net/hc/en-us/articles/20617133769362-06-08-2024-Version-6-4-23-Release-Notes | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Logsign | Unified SecOps Platform |
Version: 6.4.20 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7604",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T19:55:20.450765Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T19:55:29.507Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Unified SecOps Platform",
"vendor": "Logsign",
"versions": [
{
"status": "affected",
"version": "6.4.20"
}
]
}
],
"dateAssigned": "2024-08-07T19:17:05.089-05:00",
"datePublic": "2024-08-08T14:44:34.307-05:00",
"descriptions": [
{
"lang": "en",
"value": "Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability. This vulnerability allows local attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of the user\u0027s license expiration date. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25029."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T16:06:17.339Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1104",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1104/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://support.logsign.net/hc/en-us/articles/20617133769362-06-08-2024-Version-6-4-23-Release-Notes"
}
],
"source": {
"lang": "en",
"value": "Smile Thanapattheerakul of Trend Micro"
},
"title": "Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-7604",
"datePublished": "2024-08-21T16:06:17.339Z",
"dateReserved": "2024-08-08T00:17:05.055Z",
"dateUpdated": "2024-08-21T19:55:29.507Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-9257
Vulnerability from cvelistv5
Published
2024-11-22 21:02
Modified
2024-11-23 01:26
Severity ?
EPSS score ?
Summary
Logsign Unified SecOps Platform delete_gsuite_key_file Input Validation Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files within sensitive directories on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.
The specific flaw exists within the delete_gsuite_key_file endpoint. The issue results from the lack of proper validation of a user-supplied filename prior to using it in file operations. An attacker can leverage this vulnerability to delete critical files on the system. Was ZDI-CAN-25265.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-1295/ | x_research-advisory | |
| https://support.logsign.net/hc/en-us/articles/21062889743762-30-08-2024-Version-6-4-26-Release-Notes | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Logsign | Unified SecOps Platform |
Version: 6.4.24 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9257",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-23T01:19:41.107071Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-23T01:26:27.623Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Unified SecOps Platform",
"vendor": "Logsign",
"versions": [
{
"status": "affected",
"version": "6.4.24"
}
]
}
],
"dateAssigned": "2024-09-26T14:39:04.115-05:00",
"datePublic": "2024-09-26T16:23:20.994-05:00",
"descriptions": [
{
"lang": "en",
"value": "Logsign Unified SecOps Platform delete_gsuite_key_file Input Validation Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files within sensitive directories on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the delete_gsuite_key_file endpoint. The issue results from the lack of proper validation of a user-supplied filename prior to using it in file operations. An attacker can leverage this vulnerability to delete critical files on the system. Was ZDI-CAN-25265."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T21:02:48.622Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1295",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1295/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://support.logsign.net/hc/en-us/articles/21062889743762-30-08-2024-Version-6-4-26-Release-Notes"
}
],
"source": {
"lang": "en",
"value": "Abdessamad Lahlali and Smile Thanapattheerakul of Trend Micro"
},
"title": "Logsign Unified SecOps Platform delete_gsuite_key_file Input Validation Arbitrary File Deletion Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-9257",
"datePublished": "2024-11-22T21:02:48.622Z",
"dateReserved": "2024-09-26T19:39:04.085Z",
"dateUpdated": "2024-11-23T01:26:27.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-7600
Vulnerability from cvelistv5
Published
2024-08-21 16:06
Modified
2024-08-21 20:09
Severity ?
EPSS score ?
Summary
Logsign Unified SecOps Platform Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.
The specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of root. Was ZDI-CAN-25025.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-1103/ | x_research-advisory | |
| https://support.logsign.net/hc/en-us/articles/20617133769362-06-08-2024-Version-6-4-23-Release-Notes | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Logsign | Unified SecOps Platform |
Version: 6.4.20 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7600",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T20:09:34.171781Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T20:09:41.483Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Unified SecOps Platform",
"vendor": "Logsign",
"versions": [
{
"status": "affected",
"version": "6.4.20"
}
]
}
],
"dateAssigned": "2024-08-07T19:16:36.429-05:00",
"datePublic": "2024-08-08T14:44:22.132-05:00",
"descriptions": [
{
"lang": "en",
"value": "Logsign Unified SecOps Platform Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of root. Was ZDI-CAN-25025."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T16:06:01.959Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1103",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1103/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://support.logsign.net/hc/en-us/articles/20617133769362-06-08-2024-Version-6-4-23-Release-Notes"
}
],
"source": {
"lang": "en",
"value": "Abdessamad Lahlali and Smile Thanapattheerakul of Trend Micro"
},
"title": "Logsign Unified SecOps Platform Directory Traversal Arbitrary File Deletion Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-7600",
"datePublished": "2024-08-21T16:06:01.959Z",
"dateReserved": "2024-08-08T00:16:36.390Z",
"dateUpdated": "2024-08-21T20:09:41.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-1044
Vulnerability from cvelistv5
Published
2025-02-11 19:55
Modified
2025-02-12 14:32
Severity ?
EPSS score ?
Summary
Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the web service, which listens on TCP port 443 by default. The issue results from the lack of proper implementation of the authentication algorithm. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25336.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-25-085/ | x_research-advisory | |
| https://support.logsign.net/hc/en-us/articles/22076844908946-18-10-2024-Version-6-4-32-Release-Notes | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Logsign | Unified SecOps Platform |
Version: 6.4.27 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1044",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T14:32:49.361742Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T14:32:55.170Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Unified SecOps Platform",
"vendor": "Logsign",
"versions": [
{
"status": "affected",
"version": "6.4.27"
}
]
}
],
"dateAssigned": "2025-02-04T21:00:30.231Z",
"datePublic": "2025-02-05T23:23:59.393Z",
"descriptions": [
{
"lang": "en",
"value": "Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the web service, which listens on TCP port 443 by default. The issue results from the lack of proper implementation of the authentication algorithm. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25336."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T19:55:11.006Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-085",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-085/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://support.logsign.net/hc/en-us/articles/22076844908946-18-10-2024-Version-6-4-32-Release-Notes"
}
],
"source": {
"lang": "en",
"value": "Abdessamad Lahlali and Smile Thanapattheerakul of Trend Micro"
},
"title": "Logsign Unified SecOps Platform Authentication Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-1044",
"datePublished": "2025-02-11T19:55:11.006Z",
"dateReserved": "2025-02-04T21:00:30.180Z",
"dateUpdated": "2025-02-12T14:32:55.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-7603
Vulnerability from cvelistv5
Published
2024-08-21 16:06
Modified
2024-08-21 19:57
Severity ?
EPSS score ?
Summary
Logsign Unified SecOps Platform Directory Traversal Arbitrary Directory Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary directories on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.
The specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete directories in the context of root. Was ZDI-CAN-25028.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-1105/ | x_research-advisory | |
| https://support.logsign.net/hc/en-us/articles/20617133769362-06-08-2024-Version-6-4-23-Release-Notes | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Logsign | Unified SecOps Platform |
Version: 6.4.20 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7603",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T19:56:52.474761Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T19:57:02.482Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Unified SecOps Platform",
"vendor": "Logsign",
"versions": [
{
"status": "affected",
"version": "6.4.20"
}
]
}
],
"dateAssigned": "2024-08-07T19:16:56.066-05:00",
"datePublic": "2024-08-08T14:44:43.989-05:00",
"descriptions": [
{
"lang": "en",
"value": "Logsign Unified SecOps Platform Directory Traversal Arbitrary Directory Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary directories on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete directories in the context of root. Was ZDI-CAN-25028."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T16:06:13.270Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1105",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1105/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://support.logsign.net/hc/en-us/articles/20617133769362-06-08-2024-Version-6-4-23-Release-Notes"
}
],
"source": {
"lang": "en",
"value": "Abdessamad Lahlali and Smile Thanapattheerakul of Trend Micro"
},
"title": "Logsign Unified SecOps Platform Directory Traversal Arbitrary Directory Deletion Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-7603",
"datePublished": "2024-08-21T16:06:13.270Z",
"dateReserved": "2024-08-08T00:16:56.033Z",
"dateUpdated": "2024-08-21T19:57:02.482Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-7602
Vulnerability from cvelistv5
Published
2024-08-21 16:06
Modified
2024-08-21 19:58
Severity ?
EPSS score ?
Summary
Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.
The specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-25027.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-1102/ | x_research-advisory | |
| https://support.logsign.net/hc/en-us/articles/20617133769362-06-08-2024-Version-6-4-23-Release-Notes | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Logsign | Unified SecOps Platform |
Version: 6.4.20 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7602",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T19:58:02.979567Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T19:58:11.201Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Unified SecOps Platform",
"vendor": "Logsign",
"versions": [
{
"status": "affected",
"version": "6.4.20"
}
]
}
],
"dateAssigned": "2024-08-07T19:16:51.555-05:00",
"datePublic": "2024-08-08T14:44:07.350-05:00",
"descriptions": [
{
"lang": "en",
"value": "Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-25027."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T16:06:09.754Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1102",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1102/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://support.logsign.net/hc/en-us/articles/20617133769362-06-08-2024-Version-6-4-23-Release-Notes"
}
],
"source": {
"lang": "en",
"value": "Abdessamad Lahlali and Smile Thanapattheerakul of Trend Micro"
},
"title": "Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-7602",
"datePublished": "2024-08-21T16:06:09.754Z",
"dateReserved": "2024-08-08T00:16:51.521Z",
"dateUpdated": "2024-08-21T19:58:11.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-7601
Vulnerability from cvelistv5
Published
2024-08-21 16:06
Modified
2024-08-21 20:08
Severity ?
EPSS score ?
Summary
Logsign Unified SecOps Platform Directory data_export_delete_all Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.
The specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of root. Was ZDI-CAN-25026.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-1106/ | x_research-advisory | |
| https://support.logsign.net/hc/en-us/articles/20617133769362-06-08-2024-Version-6-4-23-Release-Notes | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Logsign | Unified SecOps Platform |
Version: 6.4.20 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7601",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T20:08:46.251042Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T20:08:55.067Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Unified SecOps Platform",
"vendor": "Logsign",
"versions": [
{
"status": "affected",
"version": "6.4.20"
}
]
}
],
"dateAssigned": "2024-08-07T19:16:45.572-05:00",
"datePublic": "2024-08-08T14:44:53.524-05:00",
"descriptions": [
{
"lang": "en",
"value": "Logsign Unified SecOps Platform Directory data_export_delete_all Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of root. Was ZDI-CAN-25026."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T16:06:06.261Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1106",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1106/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://support.logsign.net/hc/en-us/articles/20617133769362-06-08-2024-Version-6-4-23-Release-Notes"
}
],
"source": {
"lang": "en",
"value": "Abdessamad Lahlali and Smile Thanapattheerakul of Trend Micro"
},
"title": "Logsign Unified SecOps Platform Directory data_export_delete_all Traversal Arbitrary File Deletion Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-7601",
"datePublished": "2024-08-21T16:06:06.261Z",
"dateReserved": "2024-08-08T00:16:45.531Z",
"dateUpdated": "2024-08-21T20:08:55.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2024-08-21 16:15
Modified
2024-08-23 16:36
Severity ?
Summary
Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.
The specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-25027.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| logsign | unified_secops_platform | 6.4.20 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:logsign:unified_secops_platform:6.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FA92C1EC-6EE6-4576-86D9-355086448B07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-25027."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n Directory Traversal de la plataforma Logsign Unified SecOps. Esta vulnerabilidad permite a atacantes remotos revelar informaci\u00f3n confidencial sobre las instalaciones afectadas de Logsign Unified SecOps Platform. Se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe dentro del servicio API HTTP, que escucha en el puerto TCP 443 de forma predeterminada. El problema se debe a la falta de validaci\u00f3n adecuada de una ruta proporcionada por el usuario antes de usarla en operaciones de archivos. Un atacante puede aprovechar esta vulnerabilidad para revelar informaci\u00f3n en el contexto de la ra\u00edz. Era ZDI-CAN-25027."
}
],
"id": "CVE-2024-7602",
"lastModified": "2024-08-23T16:36:11.690",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-21T16:15:09.940",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://support.logsign.net/hc/en-us/articles/20617133769362-06-08-2024-Version-6-4-23-Release-Notes"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1102/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-22 21:15
Modified
2025-01-03 22:07
Severity ?
Summary
Logsign Unified SecOps Platform delete_gsuite_key_file Input Validation Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files within sensitive directories on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.
The specific flaw exists within the delete_gsuite_key_file endpoint. The issue results from the lack of proper validation of a user-supplied filename prior to using it in file operations. An attacker can leverage this vulnerability to delete critical files on the system. Was ZDI-CAN-25265.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| logsign | unified_secops_platform | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:logsign:unified_secops_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "518ADDB1-9E95-4198-A8AB-AD8F736B9375",
"versionEndExcluding": "6.4.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Logsign Unified SecOps Platform delete_gsuite_key_file Input Validation Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files within sensitive directories on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the delete_gsuite_key_file endpoint. The issue results from the lack of proper validation of a user-supplied filename prior to using it in file operations. An attacker can leverage this vulnerability to delete critical files on the system. Was ZDI-CAN-25265."
},
{
"lang": "es",
"value": "Vulnerabilidad de eliminaci\u00f3n arbitraria de archivos en la validaci\u00f3n de entrada delete_gsuite_key_file de Logsign Unified SecOps Platform. Esta vulnerabilidad permite a atacantes remotos eliminar archivos arbitrarios dentro de directorios confidenciales en instalaciones afectadas de Logsign Unified SecOps Platform. Se requiere autenticaci\u00f3n para explotar esta vulnerabilidad. La falla espec\u00edfica existe dentro del endpoint delete_gsuite_key_file. El problema es el resultado de la falta de validaci\u00f3n adecuada de un nombre de archivo proporcionado por el usuario antes de usarlo en operaciones de archivo. Un atacante puede aprovechar esta vulnerabilidad para eliminar archivos cr\u00edticos en el sistema. Era ZDI-CAN-25265."
}
],
"id": "CVE-2024-9257",
"lastModified": "2025-01-03T22:07:42.553",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-11-22T21:15:23.787",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://support.logsign.net/hc/en-us/articles/21062889743762-30-08-2024-Version-6-4-26-Release-Notes"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1295/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-21 16:15
Modified
2024-08-23 16:36
Severity ?
Summary
Logsign Unified SecOps Platform Directory Traversal Arbitrary Directory Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary directories on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.
The specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete directories in the context of root. Was ZDI-CAN-25028.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| logsign | unified_secops_platform | 6.4.20 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:logsign:unified_secops_platform:6.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FA92C1EC-6EE6-4576-86D9-355086448B07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Logsign Unified SecOps Platform Directory Traversal Arbitrary Directory Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary directories on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete directories in the context of root. Was ZDI-CAN-25028."
},
{
"lang": "es",
"value": "Vulnerabilidad de eliminaci\u00f3n arbitraria de Directory Traversal de directorio de la plataforma Logsign Unified SecOps. Esta vulnerabilidad permite a atacantes remotos eliminar directorios arbitrarios en instalaciones afectadas de Logsign Unified SecOps Platform. Se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe dentro del servicio API HTTP, que escucha en el puerto TCP 443 de forma predeterminada. El problema se debe a la falta de validaci\u00f3n adecuada de una ruta proporcionada por el usuario antes de usarla en operaciones de archivos. Un atacante puede aprovechar esta vulnerabilidad para eliminar directorios en el contexto ra\u00edz. Era ZDI-CAN-25028."
}
],
"id": "CVE-2024-7603",
"lastModified": "2024-08-23T16:36:28.327",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-21T16:15:10.123",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://support.logsign.net/hc/en-us/articles/20617133769362-06-08-2024-Version-6-4-23-Release-Notes"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1105/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-06 16:15
Modified
2024-08-07 19:59
Severity ?
Summary
Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.
The specific flaw exists within the get_response_json_result endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-24680.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-24-1021/ | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| logsign | unified_secops_platform | 6.4.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:logsign:unified_secops_platform:6.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E46C1A3F-9F2B-4396-A847-2AE002C9BB90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the get_response_json_result endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-24680."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n Directory Traversal de la plataforma Logsign Unified SecOps. Esta vulnerabilidad permite a atacantes remotos revelar informaci\u00f3n confidencial sobre las instalaciones afectadas de Logsign Unified SecOps Platform. Se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe dentro del endpoint get_response_json_result. El problema se debe a la falta de validaci\u00f3n adecuada de una ruta proporcionada por el usuario antes de usarla en operaciones de archivos. Un atacante puede aprovechar esta vulnerabilidad para revelar informaci\u00f3n en el contexto de la ra\u00edz. Era ZDI-CAN-24680."
}
],
"id": "CVE-2024-7564",
"lastModified": "2024-08-07T19:59:36.240",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-06T16:15:51.000",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1021/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-21 16:15
Modified
2024-08-23 16:37
Severity ?
Summary
Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability. This vulnerability allows local attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.
The specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of the user's license expiration date. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25029.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| logsign | unified_secops_platform | 6.4.20 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:logsign:unified_secops_platform:6.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FA92C1EC-6EE6-4576-86D9-355086448B07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability. This vulnerability allows local attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of the user\u0027s license expiration date. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25029."
},
{
"lang": "es",
"value": "Vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n de autorizaci\u00f3n incorrecta de la plataforma Logsign Unified SecOps. Esta vulnerabilidad permite a los atacantes locales eludir la autenticaci\u00f3n en las instalaciones afectadas de Logsign Unified SecOps Platform. Se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe dentro del servicio API HTTP, que escucha en el puerto TCP 443 de forma predeterminada. El problema se debe a la falta de validaci\u00f3n adecuada de la fecha de vencimiento de la licencia del usuario. Un atacante puede aprovechar esta vulnerabilidad para eludir la autenticaci\u00f3n en el sistema. Era ZDI-CAN-25029."
}
],
"id": "CVE-2024-7604",
"lastModified": "2024-08-23T16:37:09.107",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 2.5,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-21T16:15:10.330",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://support.logsign.net/hc/en-us/articles/20617133769362-06-08-2024-Version-6-4-23-Release-Notes"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1104/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-21 16:15
Modified
2024-08-23 16:35
Severity ?
Summary
Logsign Unified SecOps Platform Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.
The specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of root. Was ZDI-CAN-25025.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| logsign | unified_secops_platform | 6.4.20 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:logsign:unified_secops_platform:6.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FA92C1EC-6EE6-4576-86D9-355086448B07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Logsign Unified SecOps Platform Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of root. Was ZDI-CAN-25025."
},
{
"lang": "es",
"value": "Vulnerabilidad de eliminaci\u00f3n arbitraria de archivos Directory Traversal de la plataforma Logsign Unified SecOps. Esta vulnerabilidad permite a atacantes remotos eliminar archivos arbitrarios en las instalaciones afectadas de Logsign Unified SecOps Platform. Se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe dentro del servicio API HTTP, que escucha en el puerto TCP 443 de forma predeterminada. El problema se debe a la falta de validaci\u00f3n adecuada de una ruta proporcionada por el usuario antes de usarla en operaciones de archivos. Un atacante puede aprovechar esta vulnerabilidad para eliminar archivos en el contexto ra\u00edz. Era ZDI-CAN-25025."
}
],
"id": "CVE-2024-7600",
"lastModified": "2024-08-23T16:35:31.137",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-21T16:15:09.570",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://support.logsign.net/hc/en-us/articles/20617133769362-06-08-2024-Version-6-4-23-Release-Notes"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1103/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-02-11 20:15
Modified
2025-02-18 21:34
Severity ?
Summary
Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the web service, which listens on TCP port 443 by default. The issue results from the lack of proper implementation of the authentication algorithm. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25336.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| logsign | unified_secops_platform | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:logsign:unified_secops_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BBD492C-7797-41EB-BF6F-9B3D7B77BB4E",
"versionEndExcluding": "6.4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the web service, which listens on TCP port 443 by default. The issue results from the lack of proper implementation of the authentication algorithm. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25336."
},
{
"lang": "es",
"value": "Vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en Logsign Unified SecOps Platform. Esta vulnerabilidad permite a atacantes remotos omitir la autenticaci\u00f3n en las instalaciones afectadas de Logsign Unified SecOps Platform. No se requiere autenticaci\u00f3n para explotar esta vulnerabilidad. La falla espec\u00edfica existe dentro del servicio web, que escucha en el puerto TCP 443 de manera predeterminada. El problema es el resultado de la falta de una implementaci\u00f3n adecuada del algoritmo de autenticaci\u00f3n. Un atacante puede aprovechar esta vulnerabilidad para omitir la autenticaci\u00f3n en el sistema. Era ZDI-CAN-25336."
}
],
"id": "CVE-2025-1044",
"lastModified": "2025-02-18T21:34:01.863",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-02-11T20:15:35.913",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://support.logsign.net/hc/en-us/articles/22076844908946-18-10-2024-Version-6-4-32-Release-Notes"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-085/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-21 16:15
Modified
2024-08-23 16:35
Severity ?
Summary
Logsign Unified SecOps Platform Directory data_export_delete_all Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.
The specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of root. Was ZDI-CAN-25026.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| logsign | unified_secops_platform | 6.4.20 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:logsign:unified_secops_platform:6.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FA92C1EC-6EE6-4576-86D9-355086448B07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Logsign Unified SecOps Platform Directory data_export_delete_all Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of root. Was ZDI-CAN-25026."
},
{
"lang": "es",
"value": "Logsign Unified SecOps Platform Directory data_export_delete_all Vulnerabilidad de eliminaci\u00f3n arbitraria de archivos transversales. Esta vulnerabilidad permite a atacantes remotos eliminar archivos arbitrarios en las instalaciones afectadas de Logsign Unified SecOps Platform. Se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe dentro del servicio API HTTP, que escucha en el puerto TCP 443 de forma predeterminada. El problema se debe a la falta de validaci\u00f3n adecuada de una ruta proporcionada por el usuario antes de usarla en operaciones de archivos. Un atacante puede aprovechar esta vulnerabilidad para eliminar archivos en el contexto ra\u00edz. Era ZDI-CAN-25026."
}
],
"id": "CVE-2024-7601",
"lastModified": "2024-08-23T16:35:52.383",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-21T16:15:09.757",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://support.logsign.net/hc/en-us/articles/20617133769362-06-08-2024-Version-6-4-23-Release-Notes"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1106/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}