- Description
- Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 443 by default. The issue results from the lack of proper implementation of the authentication algorithm. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25336.
- Source
- zdi-disclosures@trendmicro.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 3.0
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- zdi-disclosures@trendmicro.com
- CWE-287
- nvd@nist.gov
- NVD-CWE-noinfo
- Hype score
- Not currently trending
CVE-2025-1044 Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Lo… https://t.co/F4oCYqMmMc
@CVEnew
11 Feb 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical Logsign Vulnerability Alert! 🚨 A severe flaw (CVE-2025-1044) has been discovered in Logsign’s Unified SecOps Platform, allowing remote attackers to bypass authentication without credentials. 🔗 Read more here: https://t.co/Xy0PSQtApv #CyberSecurity #Logsign #Vuln h
@Hosainfosec
10 Feb 2025
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A severe security vulnerability identified as CVE-2025-1044 has been disclosed in the Logsign Unified SecOps Platform, a widely used software for security operations. #ピッコマでポイ活 #Hacking #バック・トゥ・ザ・フューチャー #GranHernano #NamtanFilm1stFM #ساعه_استجابه #Cyber https://t.co/szEdqOXK60
@techaniruddh
7 Feb 2025
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical vulnerability (CVE-2025-1044) was discovered in the Logsign Unified SecOps Platform, allowing remote attackers to bypass authentication, with a CVSS score of 9.8. This vulnerability exposes sensitive data and risks full compromise without requiring user interaction....
@CybrPulse
7 Feb 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:logsign:unified_secops_platform:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0BBD492C-7797-41EB-BF6F-9B3D7B77BB4E",
"versionEndExcluding": "6.4.32"
}
],
"operator": "OR"
}
]
}
]