CVE-2024-48953

An issue was discovered in Logpoint before 7.5.0. Endpoints for creating, editing, or deleting third-party authentication modules lacked proper authorization checks. This allowed unauthenticated users to register their own authentication plugins in Logpoint, resulting in unauthorized access.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.6 / Impact : 5.9

Attack Vector ADJACENT_NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://docs.logpoint.com/docs/whats-new-in-logpoint/en/latest/	Release Notes
https://servicedesk.logpoint.com/hc/en-us/articles/21968899128221-Authentication-Bypass-using-URL-endpoints-in-the-Authentication-Modules	Vendor Advisory
https://servicedesk.logpoint.com/hc/en-us/sections/7201103730845-Product-Security	Product

Configurations

Configuration 1 (hide)

cpe:2.3:a:logpoint:siem:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-11-07 17:15

Updated : 2025-04-30 16:35

NVD link : CVE-2024-48953

Mitre link : CVE-2024-48953

CVE.ORG link : CVE-2024-48953

JSON object : View

Products Affected

logpoint

siem

CWE

CWE-306

Missing Authentication for Critical Function

{"id": "CVE-2024-48953", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.6}]}, "published": "2024-11-07T17:15:08.570", "references": [{"url": "https://docs.logpoint.com/docs/whats-new-in-logpoint/en/latest/", "tags": ["Release Notes"], "source": "[email protected]"}, {"url": "https://servicedesk.logpoint.com/hc/en-us/articles/21968899128221-Authentication-Bypass-using-URL-endpoints-in-the-Authentication-Modules", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://servicedesk.logpoint.com/hc/en-us/sections/7201103730845-Product-Security", "tags": ["Product"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Logpoint before 7.5.0. Endpoints for creating, editing, or deleting third-party authentication modules lacked proper authorization checks. This allowed unauthenticated users to register their own authentication plugins in Logpoint, resulting in unauthorized access."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en Logpoint antes de la versi\u00f3n 7.5.0. Los endpoints para crear, editar o eliminar m\u00f3dulos de autenticaci\u00f3n de terceros carec\u00edan de las comprobaciones de autorizaci\u00f3n adecuadas. Esto permit\u00eda que los usuarios no autenticados registraran sus propios complementos de autenticaci\u00f3n en Logpoint, lo que daba lugar a un acceso no autorizado."}], "lastModified": "2025-04-30T16:35:55.150", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:logpoint:siem:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88AD9F8A-98CD-459E-A2C4-404AE1F573ED", "versionEndExcluding": "7.5.0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}