CVE-2024-48952

MEDIUM

Logpoint SOAR < 7.5.0 - Unauthenticated API Access via Static JWT Key

Title source: llm

Description

An issue was discovered in Logpoint before 7.5.0. SOAR uses a static JWT secret key to generate tokens that allow access to SOAR API endpoints without authentication. This static key vulnerability enables attackers to create custom JWT secret keys for unauthorized access to these endpoints.

References (3)

Core 3

Core References

Release Notes

https://docs.logpoint.com/docs/whats-new-in-logpoint/en/latest/

Vendor Advisory

https://servicedesk.logpoint.com/hc/en-us/articles/21968950913693-Static-JWT-Key-enables-unauthorized-API-access

Product

https://servicedesk.logpoint.com/hc/en-us/sections/7201103730845-Product-Security

Scores

CVSS v3 6.4

EPSS 0.0027

EPSS Percentile 18.4%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-306

Status published

Products (1)

logpoint/soar < 7.5.0

Published Nov 07, 2024

Tracked Since Feb 18, 2026