Description
An issue was discovered in Logpoint before 7.5.0. Endpoints for creating, editing, or deleting third-party authentication modules lacked proper authorization checks. This allowed unauthenticated users to register their own authentication plugins in Logpoint, resulting in unauthorized access.
Vulnerability Information
- Product / Framework: Logpoint
- Vendor Domain: www.logpoint.com
- Vulnerability Type: Missing Authentication
- CVE Details: View Full CVE Details →