How I Found a CVE in Logrhythm | CVE-2021–41943
Hello,
I am writing my first blog post to show how I got a CVE (HTML Tag Injection) in Logrhythm web console version 7.4.9.
Logrhythm Web Console
It is a SIEM platform allows analysts to efficiently capture logs and use advanced analytics to surface known and unknown threats, all while automating manual tasks with embedded security orchestration, automation, and response (SOAR) capabilities.¹
How I got it to Work?
Adding a new “Contextualize Actions “ and injecting HTML tags payload in the name field
Another Rendering Point
Going on to the cases and adding a new note/comment will render the HTML tag injection
Thanks for reading!
[1]: Client Console Analyst Guide https://docs.logrhythm.com/docs/enterprise/client-console-analyst-guide