Template injection in Search Template

Advisory ID: LVD-2022-002

CVSSv 3.1 Vector: AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:H/RL:U/RC:C

CVSSv 3.1 Base Score: 8.4

CWE:CWE-1336, CWE-78

Date Published: 2022-09-28

Last Updated: 2022-10-12

Description

Template injection was seen in the search template. The search template uses jinja templating for generating dynamic data. This could be abused to gain code execution. Any user with the access to create a search template can use this vulnerability to execute code in the system as loginspect user.

Affected Product

Logpoint versions 7.1.0 and earlier.

Solution

Upgrade to Logpoint version 7.1.1.

Acknowledgments

Timo Fahlenbock, IT Manager for StrikoWestofen GmbH in Norican Group (DISA)