CVE-2024-48952

An issue was discovered in Logpoint before 7.5.0. SOAR uses a static JWT secret key to generate tokens that allow access to SOAR API endpoints without authentication. This static key vulnerability enables attackers to create custom JWT secret keys for unauthorized access to these endpoints.
Configurations

Configuration 1 (hide)

cpe:2.3:a:logpoint:soar:*:*:*:*:*:*:*:*

History

30 Apr 2025, 16:36

Type Values Removed Values Added
CPE cpe:2.3:a:logpoint:soar:*:*:*:*:*:*:*:*
First Time Logpoint soar
Logpoint
References () https://docs.logpoint.com/docs/whats-new-in-logpoint/en/latest/ - () https://docs.logpoint.com/docs/whats-new-in-logpoint/en/latest/ - Release Notes
References () https://servicedesk.logpoint.com/hc/en-us/articles/21968950913693-Static-JWT-Key-enables-unauthorized-API-access - () https://servicedesk.logpoint.com/hc/en-us/articles/21968950913693-Static-JWT-Key-enables-unauthorized-API-access - Vendor Advisory
References () https://servicedesk.logpoint.com/hc/en-us/sections/7201103730845-Product-Security - () https://servicedesk.logpoint.com/hc/en-us/sections/7201103730845-Product-Security - Product

Information

Published : 2024-11-07 17:15

Updated : 2025-04-30 16:36


NVD link : CVE-2024-48952

Mitre link : CVE-2024-48952

CVE.ORG link : CVE-2024-48952


JSON object : View

Products Affected

logpoint

  • soar
CWE
CWE-306

Missing Authentication for Critical Function