CVE-2024-48952

medium

Description

An issue was discovered in Logpoint before 7.5.0. SOAR uses a static JWT secret key to generate tokens that allow access to SOAR API endpoints without authentication. This static key vulnerability enables attackers to create custom JWT secret keys for unauthorized access to these endpoints.

References

https://servicedesk.logpoint.com/hc/en-us/sections/7201103730845-Product-Security

https://servicedesk.logpoint.com/hc/en-us/articles/21968950913693-Static-JWT-Key-enables-unauthorized-API-access

https://docs.logpoint.com/docs/whats-new-in-logpoint/en/latest/

Details

Source: Mitre, NVD

Published: 2024-11-07

Updated: 2024-11-08

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.4

Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

Severity: Medium