Logo
Sign in
  1. Logpoint Service Desk
  2. Products Hub
  3. Product Security

Static JWT Key enables unauthorized API access

Avatar Kripa Thapa
February 04, 2025 08:41
Follow

Advisory ID: LVD-2024-012

CVSSv 4.0 Vector: AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:L/SC:L/SI:L/SA:L

CVSSv 4.0 Base Score: 6.1

Severity: Medium

CVE: CVE-2024-48952

CWE: CWE-288

Date Published: 2024-10-02

Description:

SOAR uses a static JWT secret key to generate tokens that allow access to SOAR API endpoints without authentication. This static key vulnerability enables attackers to create custom JWT secret keys for unauthorized access to these endpoints.

Affected Product:

Logpoint versions prior to 7.5.0.

Solution:

Upgrade to Logpoint v7.5.0.

Acknowledgments:

Mehmet D. Ince

Sr. Vulnerability Researcher

Prodaft

Comments

Article is closed for comments.

Related articles

  • Server-Side Request Forgery (SSRF) on SOAR, results in authentication bypass
  • Authentication and CSRF bypass leading to unauthorized access
  • Authentication Bypass using URL endpoints in the Authentication Modules
  • Remote Code Execution while creating Report Templates
  • Logpoint response to latest vulnerabilities
Was this article helpful?
0 out of 0 found this helpful
Privacy policy    EULA    Terms of service   
Copyright © , Logpoint. All rights reserved.

Note: We use cookies that are essential for the smooth functioning of our website.