CVE-2024-48954
CVSS 3.1 Score 6.4 of 10 (medium)
Details
Published Nov 7, 2024
Updated: Nov 8, 2024
CWE ID 78
Summary
CVE-2024-48954 is a newly disclosed vulnerability affecting Logpoint versions prior to 7.5.0. The issue arises from unvalidated user input during the EventHub Collector setup process. An authenticated user can exploit this flaw to execute arbitrary code remotely. This vulnerability poses a significant risk, especially in environments where untrusted user input is allowed during setup procedures. It is recommended that users upgrade to the latest version of Logpoint to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.