Advisory Details

June 12th, 2024

Logsign Unified SecOps Platform Authentication Bypass Vulnerability

ZDI-24-616
ZDI-CAN-24164

CVE ID CVE-2024-5716
CVSS SCORE 8.6, AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
AFFECTED VENDORS Logsign
AFFECTED PRODUCTS Unified SecOps Platform
VULNERABILITY DETAILS

This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the password reset mechanism. The issue results from the lack of restriction of excessive authentication attempts. An attacker can leverage this vulnerability to reset a user's password and bypass authentication on the system.

ADDITIONAL DETAILS Logsign has issued an update to correct this vulnerability. More details can be found at:
https://support.logsign.net/hc/en-us/articles/19316621924754-03-06-2024-Version-6-4-8-Release-Notes
DISCLOSURE TIMELINE
  • 2024-05-31 - Vulnerability reported to vendor
  • 2024-06-12 - Coordinated public release of advisory
  • 2024-07-01 - Advisory Updated
CREDIT Mehmet INCE (@mdisec) from PRODAFT.com
BACK TO ADVISORIES