CVE-2024-5716

CVSS 3.0 Score 8.6 of 10 (high)

Details

Published Nov 22, 2024
CWE ID 307

Summary

CVE-2024-5716 is a newly disclosed vulnerability in the Logsign Unified SecOps Platform. This issue allows unauthenticated attackers to bypass the platform's authentication system. The vulnerability is linked to the password reset mechanism, which lacks proper restriction of authentication attempts. As a result, an attacker can reset a user's password and gain unauthorized access to the system. This vulnerability, previously identified as ZDI-CAN-24164, poses a significant risk to organizations using the affected Logsign Unified SecOps Platform version.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share