PT-2025-48284 · Logpoint · Logpoint
Published
2025-11-27
·
Updated
2025-11-28
·
CVE-2025-66360
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Logpoint versions prior to 7.7.0
Description
An improperly configured access control policy exposes sensitive Logpoint internal service (Redis) information to li-admin users. This can lead to privilege escalation. The Redis service is an in-memory data structure store, used as a database, cache and message broker.
Recommendations
Update Logpoint to version 7.7.0 or later.
Fix
LPE
Incorrect Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Logpoint