CVE-2024-33860

medium

Description

An issue was discovered in Logpoint before 7.4.0. It allows Local File Inclusion (LFI) when an arbitrary File Path is used within the File System Collector. The content of the file specified can be viewed in the incoming logs.

References

https://servicedesk.logpoint.com/hc/en-us/articles/18533986803741-Local-File-Inclusion-in-File-System-Collector

https://logpoint.com

Details

Source: Mitre, NVD

Published: 2024-05-07

Updated: 2024-05-07

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 6.2

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N