CNNVD-202511-2989 Information

CNNVD ID

CNNVD-202511-2989

Related CVE

CVE-2025-66360

• CNNVD Published: 2025-11-28

Description (Chinese)

Logpoint SIEM是Logpoint公司的一个安全信息与事件管理（SIEM）解决方案。 Logpoint SIEM 7.7.0之前版本存在安全漏洞，该漏洞源于访问控制策略配置不当，可能导致权限提升。

Description (English)

Logpoint SIEM is a Security Information and Incident Management (SIEM) solution for Logpoint. There was a security loophole in the previous version of Logpoint SIEM 7.7.0, which stemmed from the inappropriate configuration of the access control strategy, which could lead to an increase in privileges.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Logpoint

Published

2025-11-28

Last Modified

2026-02-24

References

https://servicedesk.logpoint.com/hc/en-us/articles/29160917867549-Redis-communication-exposed-for-internal-communication https://access.redhat.com/security/cve/cve-2025-66360

Patch

https://servicedesk.logpoint.com/hc/en-us/articles/29158899698333-XSS-Vulnerability-due-to-insufficient-input-validation