CVE-2024-48950

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 7, 2024
Updated: Nov 8, 2024
CWE ID 306

Summary

CVE-2024-48950 is a vulnerability affecting Logpoint before version 7.5.0. This issue involves an exposed endpoint in the Distributed Logpoint Setup process, which bypasses CSRF protections and allows unauthenticated attackers to interfere with the system. Attackers can potentially execute arbitrary actions, leading to significant security risks. It is strongly recommended that users upgrade to the latest version of Logpoint to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share