exploitDog

CVE-2024-33860

Опубликовано: 07 мая 2024

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

An issue was discovered in Logpoint before 7.4.0. It allows Local File Inclusion (LFI) when an arbitrary File Path is used within the File System Collector. The content of the file specified can be viewed in the incoming logs.

Ссылки

https://logpoint.com
Product
https://servicedesk.logpoint.com/hc/en-us/articles/18533986803741-Local-File-Inclusion-in-File-System-Collector
Vendor Advisory
https://logpoint.com
Product
https://servicedesk.logpoint.com/hc/en-us/articles/18533986803741-Local-File-Inclusion-in-File-System-Collector
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:logpoint:siem:*:*:*:*:*:*:*:*

Версия до 7.4.0 (исключая)

EPSS

Процентиль: 45%

0.00228

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-73

Связанные уязвимости

GHSA-gx23-3rqm-g2xc

CVSS3: 6.5

github

почти 2 года назад

An issue was discovered in Logpoint before 7.4.0. It allows Local File Inclusion (LFI) when an arbitrary File Path is used within the File System Collector. The content of the file specified can be viewed in the incoming logs.

EPSS

Процентиль: 45%

0.00228

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-73