exploitDog

CVE-2025-66360

Опубликовано: 28 нояб. 2025

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service (Redis) information to li-admin users. This can lead to privilege escalation.

Ссылки

https://servicedesk.logpoint.com/hc/en-us/articles/29160917867549-Redis-communication-exposed-for-internal-communication
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:logpoint:siem:*:*:*:*:*:*:*:*

Версия до 7.7.0 (исключая)

EPSS

Процентиль: 15%

0.00049

Низкий

8.8 High

CVSS3

Дефекты

CWE-863

Связанные уязвимости

GHSA-79mm-82ph-f99w

CVSS3: 8.8

github

2 месяца назад

An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service (Redis) information to li-admin users. This can lead to privilege escalation.

EPSS

Процентиль: 15%

0.00049

Низкий

8.8 High

CVSS3

Дефекты

CWE-863