Primary

Context

LogStare Collector Password Hash Exposure Vulnerability

Vulnerability

A vulnerability exists in LogStare Collector in versions through 2.4.1 for both Windows and Linux. This vulnerability allows an administrative user to access the password hashes of other users, due to improper handling of password hash data.

Impact

Exploitation of this vulnerability allows an administrative user to obtain the password hashes of all users.

Remediation

Users are advised to update LogStare Collector to version 2.4.2 for both Windows and Linux.

Added: Nov 21, 2025, 7:18 AM

Updated: Nov 21, 2025, 4:33 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.8

remediation

7.7

relevance

1.1

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.8

remediation

7.7

relevance

1.1

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

LogStare Collector Password Hash Exposure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating