CVE-2024-48952

MEDIUM

6.4

Descricao

An issue was discovered in Logpoint before 7.5.0. SOAR uses a static JWT secret key to generate tokens that allow access to SOAR API endpoints without authentication. This static key vulnerability enables attackers to create custom JWT secret keys for unauthorized access to these endpoints.

Detalhes CVE

Pontuacao CVSS v3.16.4

SeveridadeMEDIUM

Vetor CVSSCVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

Vetor de ataqueADJACENT_NETWORK

ComplexidadeHIGH

Privilegios necessariosNONE

Interacao do usuarioNONE

Publicado11/7/2024

Ultima modificacao4/30/2025

Fontenvd

Avistamentos honeypot0

Produtos afetados

logpoint:soar

Fraquezas (CWE)

CWE-306

Referencias

https://docs.logpoint.com/docs/whats-new-in-logpoint/en/latest/(cve@mitre.org)

https://servicedesk.logpoint.com/hc/en-us/articles/21968950913693-Static-JWT-Key-enables-unauthorized-API-access(cve@mitre.org)

https://servicedesk.logpoint.com/hc/en-us/sections/7201103730845-Product-Security(cve@mitre.org)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.