How severe is CVE-2024-7604?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.1 out of 10.

What type of vulnerability is CVE-2024-7604?

This is classified as CWE-863, which is a common weakness in software security.

CVE-2024-7604 - MEDIUM Severity | CVSS 5.1

Vulnerability Description

Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability. This vulnerability allows local attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of the user's license expiration date. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25029.

Related Vulnerabilities

CVE-2024-47025

MEDIUM

CVSS:5.1(Medium)

In ppmp_protect_buf of drm_fw.c, there is a possible information disclosure due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges ne...

CWE-8632024

CVE-2025-24099

MEDIUM

CVSS:5.1(Medium)

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS Ventura 13.7.3, macOS Sonoma 14.7.3. A local attacker may be able to elevate their privileges.

CWE-8632025

CVE-2019-14832

MEDIUM

CVSS:5.0(Medium)

A flaw was found in the Keycloak REST API before version 8.0.0 where it would permit user access from a realm the user was not configured. An authenticated attacker with knowledge of a user id could u...

CWE-8632019

CVE-2023-25043

MEDIUM

CVSS:5.0(Medium)

Incorrect Authorization vulnerability in Supsystic Data Tables Generator.This issue affects Data Tables Generator: from n/a through 1.10.25.

CWE-8632023

CVE-2024-4465

MEDIUM

CVSS:5.0(Medium)

An access control vulnerability was discovered in the Reports section due to a specific access restriction not being properly enforced for users with limited privileges. If a logged-in user with repor...

CWE-8632024

CVE-2024-48936

MEDIUM

CVSS:5.0(Medium)

SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to jobs...

CWE-8632024