CVE-2024-48952

Name of the Vulnerable Software and Affected Versions Logpoint versions prior to 7.5.0

Description An issue was discovered in Logpoint where SOAR uses a static JWT secret key to generate tokens, allowing access to SOAR API endpoints without authentication. This enables attackers to create custom JWT secret keys for unauthorized access to these endpoints.

Recommendations For versions prior to 7.5.0, update to version 7.5.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the SOAR API endpoints until a patch is available. Avoid using static JWT secret keys in the affected API endpoints until the issue is resolved.