Platform
windows
Component
logstare-collector
Fixed in
2.4.2
CVE-2025-62687 describes a cross-site request forgery (CSRF) vulnerability discovered in LogStare Collector. This flaw allows an attacker to perform unauthorized actions on behalf of an authenticated user if they view a specially crafted page. The vulnerability affects versions of LogStare Collector up to and including 2.4.1, and a patch is available in version 2.4.2.
A successful CSRF attack against LogStare Collector lets the attacker submit state-changing requests that the application attributes to the logged-in user. Depending on that user's role, this could mean changing collector configuration or log-source settings, or triggering any other action the web interface exposes; the attacker gains no capability beyond what the victim's account already holds. Because a forged cross-site request normally cannot read the response, the direct impact is unauthorized actions rather than data theft, although a changed configuration (for example an altered forwarding target) could expose log data indirectly. The attacker must get the user to open a malicious page while a valid LogStare Collector session exists in that browser, for instance via a phishing link or a compromised website. The blast radius is therefore bounded by the permissions of the victim account, which makes administrators the most valuable targets.
CVE-2025-62687 was publicly disclosed on 2025-11-21. There is no indication of active exploitation, and no public proof-of-concept (PoC) code has been released. The CVSS base score is 6.5 (Medium); note that CVSS measures severity, not likelihood, and the EPSS figure on this page puts the estimated probability of exploitation within 30 days at 0.03%. The vulnerability is not listed in the CISA KEV catalog.
Organizations whose LogStare Collector users routinely hold administrative roles, or who browse the web from the same browser in which they are logged in to the collector, are at increased risk. A multi-user instance is not more exposed per user, since a CSRF request runs in each victim's own browser with that victim's session and does not hand the attacker other users' accounts; it does, however, offer more potential victims, and one successful attack against an administrator changes the configuration everyone on that instance depends on.
• windows / supply-chain: Get-Process | Where-Object {$_.ProcessName -eq "LogStareCollector"} (confirms the collector is running; the process name may differ between installations, so check it against the installed service).
• windows / supply-chain: Get-ItemProperty -Path 'HKLM:\Software\LogStare\Collector' -Name Version (reads the installed version; anything at or below 2.4.1 is affected).
• generic web: In the collector's web-server access logs, look for state-changing requests (POST, PUT, DELETE) whose Referer or Origin is not the collector's own host, or that carry URL parameters the UI does not normally send.
• generic web: Inspect LogStare Collector's configuration files for entries no administrator recognizes, such as changed forwarding targets or newly added users.
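The two "generic web" checks above can be scripted. The following is an added example, not LogStare's code: it flags state-changing requests in access-log lines whose Referer is not the collector itself, and decides from a version string whether an install is in the affected range (up to and including 2.4.1). The combined-log-format layout, the host name collector.example.internal and the sample lines are constructed assumptions; adapt LOG_RE and COLLECTOR_HOSTS to the real deployment.

```python
# Added example (not LogStare's code): detect cross-origin state-changing
# requests in access logs and classify a version as affected or fixed.
# The log layout (combined log format with Referer and User-Agent) and the
# host name collector.example.internal are assumptions for this example.
import re
from urllib.parse import urlsplit

# Host(s) a legitimate browser session would send as Referer. Assumed.
COLLECTOR_HOSTS = {"collector.example.internal"}

# Methods that change state. GET handlers that mutate state are also
# CSRF-able; list their paths in MUTATING_GET_PATHS if the UI has any.
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}
MUTATING_GET_PATHS = set()

FIXED_VERSION = (2, 4, 2)  # first fixed release per the advisory

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def is_affected(version: str) -> bool:
    """True for LogStare Collector 2.4.1 and earlier (fixed in 2.4.2)."""
    parts = tuple(int(x) for x in re.findall(r"\d+", version))
    return parts < FIXED_VERSION


def referer_host(referer: str):
    """Host part of a Referer value, or None when absent ('-')."""
    if not referer or referer == "-":
        return None
    return urlsplit(referer).hostname


def flag_cross_origin_mutations(lines, allowed_hosts=COLLECTOR_HOSTS):
    """One finding per state-changing request not sent from the UI.

    reason is 'foreign_referer' (high confidence) or 'missing_referer'
    (lower confidence: privacy settings can strip Referer, so correlate
    with user and time before treating it as an attack).
    """
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable: the log format differs, adjust LOG_RE
        method, path = m["method"], m["path"].split("?", 1)[0]
        if method not in STATE_CHANGING and path not in MUTATING_GET_PATHS:
            continue
        host = referer_host(m["referer"])
        if host in allowed_hosts:
            continue
        findings.append({
            "user": m["user"], "method": method, "path": path,
            "referer": m["referer"],
            "reason": "missing_referer" if host is None else "foreign_referer",
        })
    return findings


# Constructed sample log; the third and fourth lines are the ones to catch.
SAMPLE_LOG = [
    '10.0.0.5 - alice [21/Nov/2025:10:15:01 +0000] "GET /login HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '10.0.0.5 - alice [21/Nov/2025:10:15:07 +0000] "POST /login HTTP/1.1" 302 0 "https://collector.example.internal/login" "Mozilla/5.0"',
    '10.0.0.5 - alice [21/Nov/2025:10:31:44 +0000] "POST /config/save HTTP/1.1" 200 128 "https://evil.example.net/free-gift.html" "Mozilla/5.0"',
    '10.0.0.5 - alice [21/Nov/2025:10:32:10 +0000] "POST /config/save HTTP/1.1" 200 128 "-" "Mozilla/5.0"',
    '10.0.0.9 - bob [21/Nov/2025:11:02:00 +0000] "DELETE /sources/7 HTTP/1.1" 204 0 "https://collector.example.internal/sources" "Mozilla/5.0"',
]

if __name__ == "__main__":
    print("2.4.1 affected:", is_affected("2.4.1"), "| 2.4.2 affected:", is_affected("2.4.2"))
    for finding in flag_cross_origin_mutations(SAMPLE_LOG):
        print(finding)
```

A foreign Referer on a mutating request is a strong signal; a missing one is weaker, because browsers and proxies strip Referer for privacy reasons, so treat those hits as leads to correlate with the user's other activity rather than as confirmed attacks.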
disclosure
Exploit status
EPSS
0.03% (8th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-62687 is to upgrade LogStare Collector to version 2.4.2 or later, which contains the fix. If an immediate upgrade is not possible, reduce exposure rather than relying on application-side tweaks: the usual CSRF defences (per-session or per-request tokens, Origin/Referer validation, SameSite session cookies) must be implemented inside the application itself, and a Content Security Policy on the collector does not stop a cross-site form post originating from another site. Practical interim steps are to restrict network access to the collector's web interface to administrator workstations, to have administrators use a dedicated browser or profile that is not used for general browsing while logged in, and to log out when finished so that no session exists for an attacker's page to ride on. After upgrading, confirm the fix by submitting a state-changing request from a page on a foreign origin (or by replaying one without the anti-CSRF token, if 2.4.2 uses one) and verifying that the collector rejects it.
Update LogStare Collector to the latest version available from the vendor, which should include the fix for the CSRF vulnerability. Consult the vendor's website for specific upgrade instructions.
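The post-upgrade verification described above, as an added example that is not LogStare's code: it shows the server-side check a CSRF fix is expected to perform and simulates the two requests a tester sends, one legitimate submission from the UI and one forged cross-site submission. This page does not document how 2.4.2 implements its fix; the check below is the standard defence (per-session token plus Origin/Referer allow-list). The origin https://collector.example.internal, the form field name csrf_token and the sample requests are assumptions.

```python
# Added example (not LogStare's code): a standard server-side CSRF check and
# a simulated verification run against it. The UI origin, the csrf_token
# field name and the request contents are assumptions for this example.
import hmac
import secrets
from urllib.parse import urlsplit

ALLOWED_ORIGINS = {"https://collector.example.internal"}  # assumed UI origin


def issue_csrf_token(session: dict) -> str:
    """Create a per-session token; the UI embeds it in every mutating form."""
    session["csrf_token"] = secrets.token_urlsafe(32)
    return session["csrf_token"]


def request_origin(headers: dict):
    """scheme://host[:port] from Origin, else from Referer, else None."""
    origin = headers.get("Origin")
    if origin and origin != "null":
        return origin.rstrip("/")
    referer = headers.get("Referer")
    if referer:
        p = urlsplit(referer)
        if p.scheme and p.netloc:
            return f"{p.scheme}://{p.netloc}"
    return None


def check_state_changing_request(session: dict, headers: dict, form: dict,
                                 allowed_origins=ALLOWED_ORIGINS):
    """Return (accepted, reason) for a POST/PUT/DELETE that carries a session.

    Both checks must pass: the browser sets Origin itself on cross-site form
    posts, so an attacker's page cannot spoof it, and the token is never
    readable cross-origin, so a forged form cannot include it.
    """
    if not session.get("user"):
        return False, "unauthenticated"
    origin = request_origin(headers)
    if origin is None:
        return False, "missing Origin/Referer"
    if origin not in allowed_origins:
        return False, f"foreign origin {origin}"
    expected = session.get("csrf_token", "")
    supplied = form.get("csrf_token", "")
    if not expected or not hmac.compare_digest(expected.encode(), supplied.encode()):
        return False, "missing or wrong csrf_token"
    return True, "ok"


def verification_run():
    """Simulate the post-upgrade test: a legitimate UI submission must be
    accepted and a forged cross-site submission must be rejected."""
    session = {"user": "admin"}  # what the browser's session cookie resolves to
    token = issue_csrf_token(session)

    legit = check_state_changing_request(
        session,
        {"Origin": "https://collector.example.internal",
         "Referer": "https://collector.example.internal/config"},
        {"forward_to": "10.0.0.20", "csrf_token": token},
    )
    # An attacker page auto-submits a form: the browser attaches the victim's
    # cookie (same session) but sets Origin to the attacker's site, and the
    # attacker has no way to learn the token.
    forged = check_state_changing_request(
        session,
        {"Origin": "https://evil.example.net",
         "Referer": "https://evil.example.net/free-gift.html"},
        {"forward_to": "198.51.100.7"},
    )
    return legit, forged


if __name__ == "__main__":
    legit, forged = verification_run()
    print("legitimate:", legit)
    print("forged:", forged)
```

In a real verification the forged request is sent from a page hosted on a different origin while logged in, and the pass criterion is that the collector rejects it (an error status or an unchanged configuration), not merely that the page loads. Marking the session cookie SameSite=Lax or Strict adds a second, independent layer, because the browser then omits the cookie from cross-site form posts altogether.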
CVE-2025-62687 is a cross-site request forgery (CSRF) vulnerability affecting LogStare Collector versions up to 2.4.1. It allows attackers to perform actions as a logged-in user through crafted web pages.
You are affected if you are using LogStare Collector version 2.4.1 or earlier. Upgrade to version 2.4.2 or later to mitigate the vulnerability.
Upgrade LogStare Collector to version 2.4.2 or later. Until then, restrict who can reach the web interface and have administrators avoid browsing other sites from a logged-in session; input validation and a CSP on the collector do not prevent CSRF.
There is currently no evidence of active exploitation of CVE-2025-62687, and no public proof-of-concept code is available.
Refer to the official LogStare Collector security advisory for detailed information and updates regarding CVE-2025-62687.