Logrhythm Platform Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Logrhythm Platform Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2020-25094 — CVSS 9.8 (critical): LogRhythm Platform Manager 7.4.9 allows Command Injection. To exploit this, an attacker can inject arbitrary program names and arguments…
CVE-2020-25095 — CVSS 8.8 (high): LogRhythm Platform Manager (PM) 7.4.9 allows CSRF. The Web interface is vulnerable to Cross-site WebSocket Hijacking (CSWH). If a logged-in…
CVE-2020-25096 — CVSS 8.8 (high): LogRhythm Platform Manager (PM) 7.4.9 has Incorrect Access Control. Users within LogRhythm can be delegated different roles and privileges…