CVE-2022-48684

CVSS 3.1 Score 8.4 of 10 (high)

Details

Published Apr 27, 2024

Updated: Jul 3, 2024

CWE ID 78

CWE ID 1336

Summary

CVE-2022-48684 is a vulnerability affecting Logpoint versions prior to 7.1.1. This issue involves template injection in the search template, which utilizes Jinja templating for dynamic data generation. Malicious actors can exploit this vulnerability to execute code as the loginspect user. Any user with the ability to create search templates is at risk of being targeted.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vpd4XN
https://www.cve.org/CVERecord?id=CVE-2022-48684
https://nvd.nist.gov/vuln/detail/CVE-2022-48684

Back to Vulnerability Database

CVE-2022-48684

CVSS 3.1 Score 8.4 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations