Logsign Unified SecOps Platform Authentication Bypass via Password Reset (CVE-2024-5716)

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability Name: Logsign Unified SecOps Platform Authentication Bypass Vulnerability 2. Vulnerability ID: ZDI-24-616, ZDI-CAN-24164 3. CVE ID: CVE-2024-5716 4. CVSS Score: 8.6 5. Affected Vendor: Logsign 6. Affected Product: Unified SecOps Platform 7. Vulnerability Details: - This vulnerability allows remote attackers to bypass authentication for affected installations of Logsign Unified SecOps Platform. - The specific flaw resides in the password reset mechanism. The issue stems from the lack of restrictions on excessive authentication attempts. - Attackers can exploit this vulnerability to reset user passwords and bypass system authentication. 8. Additional Details: - Logsign has released an update to fix this vulnerability. - More details can be found at the following link: https://support.logsign.net/hc/en-us/articles/19316621924754-03-06-2024-Version-6-4-8-Release-Notes 9. Disclosure Timeline: - 2024-05-31 - Vulnerability reported to vendor - 2024-06-12 - Coordinated public disclosure of vulnerability advisory - 2024-08-15 - Update advisory released 10. Credit: - Mehmet INCE (@mdisec) from PRODAFT.com This information provides a detailed description of the vulnerability, including its severity, affected systems and vendor, remediation steps, and disclosure timeline.

Goal Reached Thanks to every supporter — we hit 100%!

Logsign Unified SecOps Platform Authentication Bypass via Password Reset (CVE-2024-5716)