CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-33856

An issue was discovered in Logpoint before 7.4.0. An attacker can enumerate a valid list of usernames by observing the response time at the Forgot Password endpoint.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.6%

CVSS Severity

CVSS v3 Score 5.3

References

https://servicedesk.logpoint.com/hc/en-us/articles/18533583876253-Username-enumeration-using-the-forget-password-endpoint
https://servicedesk.logpoint.com/hc/en-us/categories/200832975-Knowledge-Center
https://servicedesk.logpoint.com/hc/en-us/articles/18533583876253-Username-enumeration-using-the-forget-password-endpoint
https://servicedesk.logpoint.com/hc/en-us/categories/200832975-Knowledge-Center

Products affected by CVE-2024-33856

Logpoint » Siem » Version: 6.10.0

cpe:2.3:a:logpoint:siem:6.10.0
Logpoint » Siem » Version: 7.1.0

cpe:2.3:a:logpoint:siem:7.1.0
Logpoint » Siem » Version: 7.1.1

cpe:2.3:a:logpoint:siem:7.1.1
Logpoint » Siem » Version: 7.1.2

cpe:2.3:a:logpoint:siem:7.1.2
Logpoint » Siem » Version: 7.3.0

cpe:2.3:a:logpoint:siem:7.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-33856

Products

Pricing

Contact Us