CVE-2024-36383

Name of the Vulnerable Software and Affected Versions Logpoint SAML Authentication versions prior to 6.0.3

Description An issue in Logpoint SAML Authentication allows an attacker to place a crafted filename in the state field of a SAML SSO-URL response. This can lead to the deletion of the file corresponding to the crafted filename, resulting in a SAML Authentication login outage. The vulnerability is related to incorrect external management of a filename or path. Exploitation can allow a remote attacker to delete arbitrary files and cause authentication failures.

Recommendations For versions prior to 6.0.3, update to version 6.0.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the SAML SSO-URL response to minimize the risk of exploitation. Avoid using crafted filenames in the state field of the SAML SSO-URL response until the issue is resolved.