Logsign Unified SecOps Platform Vulnerabilities
Identification of multiple critical vulnerabilities in Logsign Unified SecOps Platform, including authentication bypass and remote code execution.
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 sec
Time Interval
672 sec
Scan only one
Domain, Ipv4
Toolbox
-
This summary details the discovery of several critical vulnerabilities in the Logsign Unified SecOps Platform. The identified vulnerabilities include an authentication bypass (CVE-2024-5716), multiple instances of remote code execution via command injection (CVE-2024-5717, CVE-2024-5719, CVE-2024-5720), missing authentication vulnerabilities (CVE-2024-5718, CVE-2024-5721), and an HTTP API vulnerability caused by a hard-coded cryptographic key (CVE-2024-5722). These vulnerabilities pose significant risks, potentially allowing unauthorized access, control over the system, and data breaches.