CVE-2024-33860

EUVD-2024-31566
An issue was discovered in Logpoint before 7.4.0. It allows Local File Inclusion (LFI) when an arbitrary File Path is used within the File System Collector. The content of the file specified can be viewed in the incoming logs.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
Affected Products (NVD)
VendorProductVersion
logpointsiem
𝑥
< 7.4.0
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
logpointlogpoint
- ≤
𝑥
< 7.4.0
ADP
Common Weakness Enumeration
References
https://logpoint.com
https://servicedesk.logpoint.com/hc/en-us/articles/18533986803741-Local-File-Inclusion-in-File-System-Collector
https://logpoint.com
https://servicedesk.logpoint.com/hc/en-us/articles/18533986803741-Local-File-Inclusion-in-File-System-Collector