CVE-2024-48953

Name of the Vulnerable Software and Affected Versions Logpoint versions prior to 7.5.0

Description An issue was discovered in Logpoint where endpoints for creating, editing, or deleting third-party authentication modules lacked proper authorization checks. This allowed unauthenticated users to register their own authentication plugins, resulting in unauthorized access.

Recommendations For versions prior to 7.5.0, update to version 7.5.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the endpoints for creating, editing, or deleting third-party authentication modules to prevent unauthorized access.