HTTP: Logsign Unified SecOps Authentication Bypass
This signature detects attempts to exploit a known vulnerability against Logsign. A successful attack can lead to security bypass.
Extended Description
Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 443 by default. The issue results from the lack of proper implementation of the authentication algorithm. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25336.
Affected Products
Logsign unified_secops_platform
Short Name
HTTP:CTS:LOGSIGN-SEC-AUTH-BYPAS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Authentication Bypass CVE-2025-1044 Logsign SecOps Unified
Release Date
03/14/2025
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3791
False Positive
Unknown
Vendors
Logsign