Static JWT Key Vulnerability in Logpoint SOAR Product
CVE-2024-48952
Currently unrated
What is CVE-2024-48952?
A security issue has been identified in Logpoint that involves the static JWT secret key used for generating tokens. This configuration flaw allows attackers to create their own JWT secret keys, granting them unauthorized access to the Logpoint SOAR API endpoints. As a result, users are at risk of having sensitive data compromised or manipulated without proper authorization. It is crucial for organizations using affected versions to address this vulnerability promptly.