Logo
Resources
Documentation Portal Ideas Portal Logpoint Academy License Portal
Resources
Documentation Portal Ideas Portal Logpoint Academy License Portal
Sign in
  1. Logpoint Service Desk
  2. Products Hub
  3. Product Security

Server Side Request Forgery (SSRF) on Threat Intelligence

Avatar Rushmi Bhuju
February 04, 2025 08:41
Follow

Advisory ID: LVD-2024-0003

CVSSv 3.1 Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

CVSSv 3.1 Base Score: 9.6

Severity: Critical

CVE: CVE-2024-33857

CWE: CWE-918

Date Published: 2024-04-30

Description:

Due to a lack of input validation on URLs in Threat Intelligence, an attacker with low-level access to the system can trigger Server Side Request Forgery.

Affected Product:

Logpoint versions before 7.4.0 

Solution:

Upgrade to Logpoint v7.4.0

Acknowledgments: -

 

 

Comments

Article is closed for comments.

Related articles

  • Username enumeration using the forget password endpoint
  • Arbitrary file deletion through URL Injection to SAML SSO-URL Response
  • Path Injection  on Enrichment Sources leading to arbitrary file write in /tmp folder
  • Logpoint response on CVE-2024-3094
  • Self XSS on LDAP authentication
Was this article helpful?
0 out of 0 found this helpful
Privacy policy    EULA    Terms of service   
Copyright © , Logpoint. All rights reserved.

Note: We use cookies that are essential for the smooth functioning of our website.