14/07/2024 - Version 6.4.13 Release Notes

βš™οΈ Settings
> Responses
WinRM response integration added
🧩 Plugin
> NxLog - Windows Agent plugin updated
πŸ”§ Bug Fixes
> We fixed an issue where the username in the audit log was incorrect
for users logging in with 2FA.
> Fixed static exception bug in custom plugin
πŸ”§ Security Enhancements
Summary
The enhancements are intended to bolster our system's overall security posture and
defend against potential threats.

Affected Version


Solution


Vulnerability Details
> ZDI-CAN-24680 > CVE-2024-7564: Logsign Unified SecOps Platform Directory Traversal
Information Disclosure Vulnerability
> CVE-2024-6409: OpenSSH vulnerability
A race condition vulnerability was discovered in OpenSSH's server (sshd).
If a remote attacker doesn't authenticate in time, the SIGALRM handler is called
asynchronously and uses functions that are not async-signal-safe, like syslog().
This can potentially allow an attacker to perform remote code execution (RCE) as an
unprivileged user.

Mitigating Factors

Customers are advised to ensure they always have the latest version of the program.

Acknowledgement
Logsign would like to thank Abdessamad Lahlali and Smile Thanapattheerakul from
Trend Micro Zero Day Initiative for responsibly disclosing this issue.

Was this article helpful?
1 out of 1 found this helpful

Articles in this section

See more
Become a Certified Logsign User/Administrator
Sign-up for Logsign Academy and take the courses to learn about Logsign USO Platform in detail. Enjoy the courses, and get your badges and certificates. In these courses, you'll learn how to use Logsign in your work and add value to your career.
Visit Our Blog
Our Logsign USO Platform illustrate our expertise. So do the blog. Through our blog posts, deepen your knowledge on various SecOps topics or get updated about important news & modern approaches for cybersecurity. Get into the habit of reading valuable information provided by Logsign. Be a step ahead.