📦 Siem
by Logpoint
🔍 What is Siem?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
A Server-Side Request Forgery (SSRF) vulnerability in Logpoint versions before 7.4.0 allows attackers with low-level access to make unauthorized requests from the server. This occurs due to insufficie...
This cross-site scripting (XSS) vulnerability in Logpoint allows attackers to inject malicious scripts into web pages viewed by other users. It affects all Logpoint deployments running versions before...
Logpoint versions before 7.7.0 have an access control misconfiguration that allows li-admin users to access sensitive Redis service information. This exposure can enable privilege escalation attacks. ...
Authenticated users in Logpoint versions before 7.5.0 can inject malicious payloads into Report Templates. When backups are initiated, these payloads execute, allowing remote code execution on the Log...
A Server-Side Request Forgery (SSRF) vulnerability in Logpoint SOAR allows attackers to make the server send requests to internal systems, potentially leaking the Logpoint API token. This token leak c...
This vulnerability allows unauthenticated attackers to register custom authentication plugins in Logpoint, bypassing normal authentication mechanisms. Any Logpoint deployment before version 7.5.0 is a...
This CVE describes a template injection vulnerability in Logpoint's search template feature that uses Jinja templating. Any authenticated user with search template creation privileges can exploit this...
Logpoint versions before 7.7.0 expose sensitive information in system processes during high CPU load conditions. This affects all Logpoint deployments running vulnerable versions, potentially exposing...
This Local File Inclusion vulnerability in Logpoint versions before 7.4.0 allows attackers to read arbitrary files on the system through the File System Collector. Attackers can view sensitive file co...
This vulnerability in Logpoint allows attackers to enumerate valid usernames by timing responses from the Forgot Password endpoint. Attackers can identify which usernames exist in the system, facilita...