Vulnerabilities > CVE-2025-1044 - Unspecified vulnerability in Logsign Unified Secops Platform

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

logsign

critical

NVD

Published: 2025-02-11

Updated: 2025-02-18

Summary

Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 443 by default. The issue results from the lack of proper implementation of the authentication algorithm. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25336.

Vulnerable Configurations

Part	Description	Count
Application	Logsign Logsign Unified Secops Platform 6.2.79 Logsign Unified Secops Platform 6.2.85 Logsign Unified Secops Platform 6.2.86 Logsign Unified Secops Platform 6.2.87 Logsign Unified Secops Platform 6.2.88 Logsign Unified Secops Platform 6.2.92 Logsign Unified Secops Platform 6.2.93 Logsign Unified Secops Platform 6.2.94 Logsign Unified Secops Platform 6.2.95 Logsign Unified Secops Platform 6.2.96 Logsign Unified Secops Platform 6.2.97 Logsign Unified Secops Platform 6.2.98 Logsign Unified Secops Platform 6.2.99 Logsign Unified Secops Platform 6.2.100 Logsign Unified Secops Platform 6.2.101 Logsign Unified Secops Platform 6.2.102 Logsign Unified Secops Platform 6.2.103 Logsign Unified Secops Platform 6.2.104 Logsign Unified Secops Platform 6.2.105 Logsign Unified Secops Platform 6.2.106 Logsign Unified Secops Platform 6.2.107 Logsign Unified Secops Platform 6.2.108 Logsign Unified Secops Platform 6.2.109 Logsign Unified Secops Platform 6.2.110 Logsign Unified Secops Platform 6.2.111 Logsign Unified Secops Platform 6.2.112 Logsign Unified Secops Platform 6.2.113 Logsign Unified Secops Platform 6.3.1 Logsign Unified Secops Platform 6.3.2 Logsign Unified Secops Platform 6.3.3 Logsign Unified Secops Platform 6.3.4 Logsign Unified Secops Platform 6.3.5 Logsign Unified Secops Platform 6.3.6 Logsign Unified Secops Platform 6.3.7 Logsign Unified Secops Platform 6.3.8 Logsign Unified Secops Platform 6.3.9 Logsign Unified Secops Platform 6.3.10 Logsign Unified Secops Platform 6.3.11 Logsign Unified Secops Platform 6.3.12 Logsign Unified Secops Platform 6.3.13 Logsign Unified Secops Platform 6.3.14 Logsign Unified Secops Platform 6.3.15 Logsign Unified Secops Platform 6.3.16 Logsign Unified Secops Platform 6.3.17 Logsign Unified Secops Platform 6.3.18 Logsign Unified Secops Platform 6.3.19 Logsign Unified Secops Platform 6.3.20 Logsign Unified Secops Platform 6.3.21 Logsign Unified Secops Platform 6.3.22 Logsign Unified Secops Platform 6.3.23 Logsign Unified Secops Platform 6.3.24 Logsign Unified Secops Platform 6.3.25 Logsign Unified Secops Platform 6.3.26 Logsign Unified Secops Platform 6.3.27 Logsign Unified Secops Platform 6.3.28 Logsign Unified Secops Platform 6.3.29 Logsign Unified Secops Platform 6.3.30 Logsign Unified Secops Platform 6.3.31 Logsign Unified Secops Platform 6.3.32 Logsign Unified Secops Platform 6.3.33 Logsign Unified Secops Platform 6.3.34 Logsign Unified Secops Platform 6.3.35 Logsign Unified Secops Platform 6.3.36 Logsign Unified Secops Platform 6.3.37 Logsign Unified Secops Platform 6.3.38 Logsign Unified Secops Platform 6.3.39 Logsign Unified Secops Platform 6.3.40 Logsign Unified Secops Platform 6.3.41 Logsign Unified Secops Platform 6.3.42 Logsign Unified Secops Platform 6.3.43 Logsign Unified Secops Platform 6.3.44 Logsign Unified Secops Platform 6.4.1 Logsign Unified Secops Platform 6.4.2 Logsign Unified Secops Platform 6.4.3 Logsign Unified Secops Platform 6.4.4 Logsign Unified Secops Platform 6.4.5 Logsign Unified Secops Platform 6.4.6 Logsign Unified Secops Platform 6.4.7 Logsign Unified Secops Platform 6.4.8 Logsign Unified Secops Platform 6.4.9 Logsign Unified Secops Platform 6.4.10 Logsign Unified Secops Platform 6.4.11 Logsign Unified Secops Platform 6.4.12 Logsign Unified Secops Platform 6.4.13 Logsign Unified Secops Platform 6.4.14 Logsign Unified Secops Platform 6.4.15 Logsign Unified Secops Platform 6.4.16 Logsign Unified Secops Platform 6.4.17 Logsign Unified Secops Platform 6.4.18 Logsign Unified Secops Platform 6.4.19 Logsign Unified Secops Platform 6.4.20 Logsign Unified Secops Platform 6.4.21 Logsign Unified Secops Platform 6.4.22 Logsign Unified Secops Platform 6.4.23 Logsign Unified Secops Platform 6.4.24 Logsign Unified Secops Platform 6.4.25 Logsign Unified Secops Platform 6.4.26 Logsign Unified Secops Platform 6.4.27 Logsign Unified Secops Platform 6.4.28 Logsign Unified Secops Platform 6.4.29 Logsign Unified Secops Platform 6.4.30 Logsign Unified Secops Platform 6.4.31	102

Summary

Vulnerable Configurations

References