CVE-2024-48950
Missing Authentication for Critical Function (CWE-306)
Published: Nov 7, 2024 / Updated: 12d ago
010
CVSS 7.5EPSS 0.05%High
CVE info copied to clipboard
An issue was discovered in Logpoint before 7.5.0. An endpoint used by Distributed Logpoint Setup was exposed, allowing unauthenticated attackers to bypass CSRF protections and authentication.
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Timeline
CVE Assignment
NVD published the first details for CVE-2024-48950
Nov 7, 2024 at 5:15 PM
First Article
Feedly found the first article mentioning CVE-2024-48950. See article
Nov 7, 2024 at 5:24 PM / National Vulnerability Database
CVSS Estimate
Feedly estimated the CVSS score as HIGH
Nov 7, 2024 at 5:24 PM
CVSS
A CVSS base score of 7.5 has been assigned.
Nov 7, 2024 at 8:40 PM / nvd
EPSS
EPSS Score was set to: 0.05% (Percentile: 17%)
Nov 8, 2024 at 10:19 AM
Affected Systems
Logpoint
+null more
Attack Patterns
CAPEC-12: Choosing Message Identifier
+null more
News
CVE Alert: CVE-2024-48950 - https://www.redpacketsecurity.com/cve_alert_cve-2024-48950/ #OSINT #ThreatIntel #CyberSecurity #cve_2024_48950
CVE Alert: CVE-2024-48950 - redpacketsecurity.com/cve_al… #OSINT #ThreatIntel #CyberSecurity #cve_2024_48950
CVE Alert: CVE-2024-48950 - https://www. redpacketsecurity.com/cve_aler t_cve-2024-48950/ # OSINT # ThreatIntel # CyberSecurity # cve_2024_48950
CVE Alert: CVE-2024-48950
Affected Endpoints: No affected endpoints listed.
CVE-2024-48950
High Severity Description An issue was discovered in Logpoint before 7.5.0. An endpoint used by Distributed Logpoint Setup was exposed, allowing unauthenticated attackers to bypass CSRF protections and authentication. Read more at https://www.tenable.com/cve/CVE-2024-48950
NA - CVE-2024-48950 - An issue was discovered in Logpoint before...
An issue was discovered in Logpoint before 7.5.0. An endpoint used by Distributed Logpoint Setup was exposed, allowing unauthenticated attackers to bypass CSRF protections and authentication.
See 4 more articles and social media posts