Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 443 by default. The issue results from the lack of proper implementation of the authentication algorithm. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25336.
The vulnerability exists in a web service listening on TCP port 443 by default. The problem stems from improper implementation of an authentication algorithm, which allows it to be completely bypassed. An attacker remotely, without authentication and without user interaction, can directly access protected resources of the web service, bypassing access control mechanisms.
An attacker can gain full, unauthorized access to the Logsign Unified SecOps Platform, potentially leading to breach of confidentiality, integrity, and availability of the system and data processed by it.
Update Logsign Unified SecOps Platform to version 6.4.32 or later according to the manufacturer's Release Notes available at https://support.logsign.net/hc/en-us/articles/22076844908946-18-10-2024-Version-6-4-32-Release-Notes
Logsign Unified SecOps Platform — versions indicated in manufacturer references (patch available in version 6.4.32 or later according to manufacturer's Release Notes)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HLogsign Unified Secops Platform
APPLogsign< 6.4.32
Related vulnerabilities
Pominięcie uwierzytelnienia w Logsign Unified SecOps Platform (reset hasła)
Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This vulnerability...
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allo...
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allo...
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulnerability allo...