03/06/2024 - Version 6.4.8 Release Notes

 ðŸŽ¯ New Features
> Organization info to response data for Cyfusion added
📈 Incident
> Incident card columns design updated
⚙️ Settings
> Responses
Manage Engine - Service Desk response integration added
🧩 Plugin
> Exagrid - Ex plugin added
> DMARC - Email Authentication plugin added
> IBM - QRadar EDR plugin updated
> Trend Micro - Apex Central plugin updated
> Sonicwall - SSLVPN plugin updated
> Sonicwall - Firewall plugin updated
> Symantec - DLP plugin updated
> Symantec - Brightmail plugin updated
> Coro API plugin updated
> Cisco - ISE plugin updated
🔧 Bug Fixes
> General EPS average percentage for healthcheck bug fixed
> Source list filter bug fixed
> Mail integration test connection bug fixed
> Redirect at Alert Rules page bug fixed
> Trying to sync when license is expired bug fixed
> Validate file hash bug fixed
> Major security improvements
🔧 Security Enhancements
Summary
The enhancements are intended to bolster our system's overall security posture and
defend against potential threats.

Affected Version


Solution


Vulnerability Details
> ZDI-CAN-24164 > CVE-2024-5716: Logsign Unified SecOps Platform
Authentication Bypass Vulnerability
> ZDI-CAN-24165 > CVE-2024-5717: Logsign Unified SecOps Platform
Command Injection Remote Code Execution Vulnerability
> ZDI-CAN-24166 > CVE-2024-5718
: Logsign Unified SecOps Platform
Missing Authentication Remote Code Execution Vulnerability

> ZDI-CAN-24167 > CVE-2024-5719: Logsign Unified SecOps Platform
Command Injection Remote Code Execution Vulnerability
> ZDI-CAN-24168 > CVE-2024-5720: Logsign Unified SecOps Platform
Command Injection Remote Code Execution Vulnerability
Logsign Unified SecOps Platform Authentication Bypass Vulnerability
> ZDI-CAN-24169 > CVE-2024-5721: Logsign Unified SecOps Platform
Missing Authentication Remote Code Execution Vulnerability
> ZDI-CAN-24170 > CVE-2024-5722: Logsign Unified SecOps Platform
HTTP API Hard-coded Cryptographic Key Remote Code Execution Vulnerability

Mitigating Factors

Customers are advised to ensure they always have the latest version of the program.

Acknowledgement
Logsign would like to thank Mehmet INCE (@mdisec) from PRODAFT.com in working with
Trend Micro Zero Day Initiative for responsibly disclosing this issue.
Was this article helpful?
0 out of 0 found this helpful

Articles in this section

See more
Become a Certified Logsign User/Administrator
Sign-up for Logsign Academy and take the courses to learn about Logsign USO Platform in detail. Enjoy the courses, and get your badges and certificates. In these courses, you'll learn how to use Logsign in your work and add value to your career.
Visit Our Blog
Our Logsign USO Platform illustrate our expertise. So do the blog. Through our blog posts, deepen your knowledge on various SecOps topics or get updated about important news & modern approaches for cybersecurity. Get into the habit of reading valuable information provided by Logsign. Be a step ahead.