Описание
An issue was discovered in Logpoint before 7.4.0. A path injection vulnerability is seen while adding a CSV enrichment source. The source_name parameter could be changed to an absolute path; this will write the CSV file to that path inside the /tmp directory.
Ссылки
- Vendor Advisory
- Product
- Vendor Advisory
- Product
Уязвимые конфигурации
Конфигурация 1Версия до 7.4.0 (исключая)
cpe:2.3:a:logpoint:siem:*:*:*:*:*:*:*:*
EPSS
Процентиль: 45%
0.00222
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-91
Связанные уязвимости
CVSS3: 5.3
github
почти 2 года назад
An issue was discovered in Logpoint before 7.4.0. A path injection vulnerability is seen while adding a CSV enrichment source. The source_name parameter could be changed to an absolute path; this will write the CSV file to that path inside the /tmp directory.
EPSS
Процентиль: 45%
0.00222
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-91