CrowdStrike LogScale Unauthenticated Path Traversal Vulnerability
Vulnerability
A critical unauthenticated path traversal vulnerability has been identified in CrowdStrike LogScale self-hosted versions 1.224.0 through 1.234.0, including LogScale Self-Hosted LTS versions 1.228.0 and 1.228.1. The flaw is in a specific cluster API endpoint and allows a remote attacker to read arbitrary files from the server filesystem without authentication, that is, any file the LogScale process itself can read. CrowdStrike has no evidence of exploitation of this vulnerability in the wild.
Impact
Because the affected endpoint requires no credentials, any client that can reach the cluster API can exploit this vulnerability to read files from the server's filesystem, potentially leading to the disclosure of sensitive information. Instances whose cluster API is reachable from untrusted networks are the most exposed and should be prioritised for remediation.
Remediation
CrowdStrike has released patched versions to address this vulnerability. Self-hosted customers should upgrade to the patched release on their current release branch: 1.228.2 (LTS) or later, 1.233.1 or later, 1.234.1 or later, or 1.235.1 or later.
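The following is an added example, not code from CrowdStrike or from the advisory, that encodes the affected range and the patched releases stated above so an inventory of self-hosted LogScale versions can be triaged without eyeballing version numbers. It assumes plain MAJOR.MINOR.PATCH version strings and treats a version as affected only if it lies in the stated range and is older than the fix on its own branch; versions outside the range are reported as not affected per the advisory wording. The inventory entries at the bottom are constructed for illustration.

```python
# Added example: triage LogScale self-hosted versions against the ranges in the
# advisory above. Not CrowdStrike's code; the affected range and fixed releases
# are copied from the advisory text, everything else is an assumption.
from typing import Dict, Tuple

Version = Tuple[int, int, int]


def parse_version(s: str) -> Version:
    """Parse 'MAJOR.MINOR.PATCH' into a comparable tuple; reject anything else."""
    parts = s.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unexpected LogScale version string: {s!r}")
    return (int(parts[0]), int(parts[1]), int(parts[2]))


def fmt(v: Version) -> str:
    return ".".join(str(x) for x in v)


# Affected range per the advisory (both ends inclusive).
AFFECTED_MIN = parse_version("1.224.0")
AFFECTED_MAX = parse_version("1.234.0")

# Patched releases per the advisory, keyed by release branch (the MINOR field).
FIXED_BY_BRANCH: Dict[int, Version] = {
    228: parse_version("1.228.2"),  # LTS branch
    233: parse_version("1.233.1"),
    234: parse_version("1.234.1"),
    235: parse_version("1.235.1"),
}


def assess(version_str: str) -> dict:
    """Return whether a version is affected and, if so, the smallest fixed
    release that is not a downgrade (the fix on the same branch when one
    exists, otherwise the next patched branch up)."""
    v = parse_version(version_str)
    if not (AFFECTED_MIN <= v <= AFFECTED_MAX):
        return {"version": version_str, "affected": False,
                "reason": "outside the affected range 1.224.0 through 1.234.0"}
    branch_fix = FIXED_BY_BRANCH.get(v[1])
    if branch_fix is not None and v >= branch_fix:
        return {"version": version_str, "affected": False,
                "reason": f"already at or past the branch fix {fmt(branch_fix)}"}
    # Every fixed release at or above this version is a valid target; pick the
    # lowest so the upgrade stays as close to the current branch as possible.
    target = min(f for f in FIXED_BY_BRANCH.values() if f >= v)
    return {"version": version_str, "affected": True, "upgrade_to": fmt(target)}


def triage(inventory: Dict[str, str]) -> Dict[str, dict]:
    """Assess a host -> version map and return per-host results."""
    return {host: assess(ver) for host, ver in inventory.items()}


if __name__ == "__main__":
    # Constructed inventory for illustration; hostnames are not real.
    sample_inventory = {
        "logscale-lts-01": "1.228.1",   # LTS, affected -> 1.228.2
        "logscale-lts-02": "1.228.2",   # LTS, already patched
        "logscale-dev-01": "1.230.4",   # no fix on this branch -> 1.233.1
        "logscale-prod-01": "1.234.0",  # top of the range -> 1.234.1
        "logscale-prod-02": "1.235.1",  # outside the range
    }
    for host, result in triage(sample_inventory).items():
        print(host, result)
```

Run it with a real inventory (for example, the output of whatever you use to record the version of each LogScale node) substituted for `sample_inventory`; anything reported as affected should be upgraded to the listed target or later.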
