CVE-2024-48954

An issue was discovered in Logpoint before 7.5.0. Unvalidated input during the EventHub Collector setup by an authenticated user leads to Remote Code execution.

CVSS v3 6.4 MEDIUM

6.4^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.6 / Impact : 4.7

Attack Vector ADJACENT_NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://docs.logpoint.com/docs/whats-new-in-logpoint/en/latest/	Release Notes
https://servicedesk.logpoint.com/hc/en-us/articles/21968851138461-Remote-Code-Execution-RCE-in-EventHub-Collector	Vendor Advisory
https://servicedesk.logpoint.com/hc/en-us/sections/7201103730845-Product-Security	Product

Configurations

Configuration 1 (hide)

cpe:2.3:a:logpoint:siem:*:*:*:*:*:*:*:*

History

30 Apr 2025, 16:42

Type	Values Removed	Values Added
First Time		Logpoint siem Logpoint
CPE		cpe:2.3:a:logpoint:siem::::::::
References	~~() https://docs.logpoint.com/docs/whats-new-in-logpoint/en/latest/ -~~	() https://docs.logpoint.com/docs/whats-new-in-logpoint/en/latest/ - Release Notes
References	~~() https://servicedesk.logpoint.com/hc/en-us/articles/21968851138461-Remote-Code-Execution-RCE-in-EventHub-Collector -~~	() https://servicedesk.logpoint.com/hc/en-us/articles/21968851138461-Remote-Code-Execution-RCE-in-EventHub-Collector - Vendor Advisory
References	~~() https://servicedesk.logpoint.com/hc/en-us/sections/7201103730845-Product-Security -~~	() https://servicedesk.logpoint.com/hc/en-us/sections/7201103730845-Product-Security - Product

Information

Published : 2024-11-07 17:15

Updated : 2025-04-30 16:42

NVD link : CVE-2024-48954

Mitre link : CVE-2024-48954

CVE.ORG link : CVE-2024-48954

JSON object : View

Products Affected

logpoint

siem

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

6.4 /10