CVE-2024-33860

{"id": "CVE-2024-33860", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2024-05-07T17:15:09.257", "references": [{"url": "https://logpoint.com", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://servicedesk.logpoint.com/hc/en-us/articles/18533986803741-Local-File-Inclusion-in-File-System-Collector", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://logpoint.com", "tags": ["Product"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://servicedesk.logpoint.com/hc/en-us/articles/18533986803741-Local-File-Inclusion-in-File-System-Collector", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-73"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Logpoint before 7.4.0. It allows Local File Inclusion (LFI) when an arbitrary File Path is used within the File System Collector. The content of the file specified can be viewed in the incoming logs."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en Logpoint antes de 7.4.0. Permite la inclusi\u00f3n de archivos locales (LFI) cuando se utiliza una ruta de archivo arbitraria dentro del recopilador del sistema de archivos. El contenido del archivo especificado se puede ver en los registros entrantes."}], "lastModified": "2025-04-18T12:32:57.393", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:logpoint:siem:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38961EE7-E2D5-40AC-B736-C3CA4D5F4953", "versionEndExcluding": "7.4.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}