Platform: windows
Component: logstare-collector
Fixed version: 2.4.2
CVE-2025-62687 describes a cross-site request forgery (CSRF) vulnerability discovered in LogStare Collector. This flaw allows an attacker to perform unauthorized actions on behalf of an authenticated user if they view a specially crafted page. The vulnerability affects versions of LogStare Collector up to and including 2.4.1, and a patch is available in version 2.4.2.
A successful CSRF attack against LogStare Collector could allow an attacker to perform actions as the logged-in user. This could include modifying configurations, accessing sensitive data, or potentially even escalating privileges depending on the user's role and permissions within the LogStare Collector environment. The attacker would need to trick the user into visiting a malicious webpage, which could be achieved through phishing emails, compromised websites, or other social engineering techniques. The blast radius of this vulnerability is limited to the scope of actions the affected user can perform within LogStare Collector.
CVE-2025-62687 was publicly disclosed on 2025-11-21. There is no indication of active exploitation at this time, and no public proof-of-concept (POC) code has been released. The vulnerability's CVSS score of 6.5 (Medium) suggests a moderate probability of exploitation if a suitable attack vector is developed and widely distributed. It is not currently listed on the CISA KEV catalog.
Organizations using LogStare Collector in environments where users routinely access sensitive data or perform administrative tasks are at increased risk. Shared hosting environments where multiple users share the same LogStare Collector instance are particularly vulnerable, as an attacker could potentially compromise the accounts of all users on the shared host.
• windows / supply-chain:
Get-Process | Where-Object {$_.ProcessName -eq "LogStareCollector"}
• windows / supply-chain:
Get-ItemProperty -Path 'HKLM:\Software\LogStare\Collector' -Name Version
• generic web: Check HTTP headers for unusual Referer values or unexpected URL parameters.
• generic web: Inspect LogStare Collector's configuration files for any unusual or suspicious entries.
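The two Windows checks above combined into one script, as an added example that is not from the advisory or the vendor: it reads the registry value listed in the detection section, compares it with the fixed version 2.4.2 and reports whether the host is still affected. The registry path, the 'Version' value name and the process name are the ones quoted above; that the value holds a dotted version string is an assumption.

```powershell
# Added example, not vendor code. Assumes the registry path and process name from
# the detection list above and that 'Version' is a dotted string such as "2.4.1".
$FixedVersion = [version]'2.4.2'
$RegPath      = 'HKLM:\Software\LogStare\Collector'

function Get-LogStareCollectorStatus {
    $result = [ordered]@{
        Installed = $false
        Running   = $false
        Version   = $null
        Affected  = $null   # $null = unknown until a version is read
    }

    # Process check from the detection list; a running process alone does not
    # reveal the version, so it only sets Running.
    if (Get-Process -Name 'LogStareCollector' -ErrorAction SilentlyContinue) {
        $result.Running = $true
    }

    # Registry check; tolerate a missing key or value instead of throwing.
    $item = Get-ItemProperty -Path $RegPath -Name 'Version' -ErrorAction SilentlyContinue
    if ($null -ne $item -and $item.Version) {
        $result.Installed = $true
        # [version] needs plain "major.minor[.build]"; drop suffixes like "-rc1".
        $clean  = ($item.Version -replace '[^0-9.].*$', '')
        $parsed = $null
        if ([version]::TryParse($clean, [ref]$parsed)) {
            $result.Version  = $parsed
            $result.Affected = ($parsed -lt $FixedVersion)
        }
    }
    return [pscustomobject]$result
}

$status = Get-LogStareCollectorStatus
if ($null -eq $status.Affected) {
    if ($status.Running) {
        Write-Warning 'LogStareCollector is running but no version could be read from the registry; verify manually.'
    } else {
        Write-Output 'LogStare Collector not detected on this host.'
    }
} elseif ($status.Affected) {
    Write-Warning "LogStare Collector $($status.Version) is below $FixedVersion; CVE-2025-62687 applies, upgrade to 2.4.2 or later."
} else {
    Write-Output "LogStare Collector $($status.Version) is at or above $FixedVersion; not affected by CVE-2025-62687."
}
```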
Disclosure
Exploit status
EPSS: 0.03% (8th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-62687 is to upgrade LogStare Collector to version 2.4.2 or later, which contains the fix. If immediate upgrading is not possible, consider implementing stricter input validation and output encoding within the application to prevent the injection of malicious URLs. Additionally, implement a Content Security Policy (CSP) to restrict the sources from which the browser can load resources, reducing the attack surface. After upgrading, confirm the fix by attempting to trigger a known CSRF attack vector and verifying that the action is blocked.
Update LogStare Collector to the latest version provided by the vendor; this should include the fix for the CSRF vulnerability. For specific update instructions, refer to the vendor's website.
CVE-2025-62687 is a cross-site request forgery (CSRF) vulnerability affecting LogStare Collector versions up to 2.4.1. It allows attackers to perform actions as a logged-in user through crafted web pages.
You are affected if you are using LogStare Collector version 2.4.1 or earlier. Upgrade to version 2.4.2 or later to mitigate the vulnerability.
Upgrade LogStare Collector to version 2.4.2 or later. As a temporary workaround, implement stricter input validation and a Content Security Policy (CSP).
There is currently no evidence of active exploitation of CVE-2025-62687, and no public proof-of-concept code is available.
Refer to the official LogStare Collector security advisory for detailed information and updates regarding CVE-2025-62687.