Static JWT Key Vulnerability in Logpoint SOAR Product

CVE-2024-48952

What is CVE-2024-48952?

A security issue has been identified in Logpoint that involves the static JWT secret key used for generating tokens. This configuration flaw allows attackers to create their own JWT secret keys, granting them unauthorized access to the Logpoint SOAR API endpoints. As a result, users are at risk of having sensitive data compromised or manipulated without proper authorization. It is crucial for organizations using affected versions to address this vulnerability promptly.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References