Advisory ID: LVD-2022-003
CVSSv3.1 Vector: AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:H/RL:U/RC:C
CVSSv3.1 Base Score: 7.2
CWE: CWE-732 (Incorrect Permission Assignment for Critical Resource)
Date Published: 2022-11-30
Last Updated: 2022-12-02
Description
The cron job file clean_secbi_old_logs, which a Logpoint installation runs once a day, is created writable by all users (world-writable). Because cron executes the file as root, any local user can add commands to it and have them executed as root the next time the job runs, giving a full local privilege escalation.
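The condition described above, as an added Python example that is not Logpoint's own code: an audit that reports cron drop-in scripts a non-root user could alter while cron runs them as root, and a remediation that strips the offending write bits. The directory and file names produced by build_sample_cron_dir() are a constructed fixture, and the expected_uid parameter is an assumption for running the check as an unprivileged user; on a real host you would point it at /etc/cron.daily, /etc/cron.d and friends with the default uid 0.

```python
"""Added example, not Logpoint's code: audit a cron drop-in directory for
scripts that a non-root user could alter while cron runs them as root
(the CWE-732 condition behind LVD-2022-003), and remove the write bits.

The directory and file names produced by build_sample_cron_dir() are a
constructed fixture; on a real host pass /etc/cron.daily, /etc/cron.d,
etc. and keep the default expected_uid of 0 (root)."""
import os
import stat
import tempfile


def audit_cron_dir(directory, expected_uid=0):
    """Return a list of (path, problem) tuples for anything under `directory`
    that would let a user other than `expected_uid` change what cron executes:
    a world-writable directory without the sticky bit (scripts can be swapped),
    symlinks (cron follows them), group- or world-writable files, and files not
    owned by expected_uid. lstat is used so a planted symlink cannot redirect
    the check to some other file."""
    findings = []
    d = os.lstat(directory)
    if d.st_mode & stat.S_IWOTH and not d.st_mode & stat.S_ISVTX:
        findings.append((directory, "directory is world-writable"))
    for name in sorted(os.listdir(directory)):
        path = os.path.join(directory, name)
        st = os.lstat(path)
        if stat.S_ISLNK(st.st_mode):
            findings.append((path, "symlink in cron directory"))
            continue
        if not stat.S_ISREG(st.st_mode):
            continue
        if st.st_mode & stat.S_IWOTH:
            findings.append((path, "world-writable"))
        elif st.st_mode & stat.S_IWGRP:
            findings.append((path, "group-writable"))
        if st.st_uid != expected_uid:
            findings.append((path, f"owned by uid {st.st_uid}, expected {expected_uid}"))
    return findings


def harden(path):
    """Clear the group and other write bits of a regular file (0777 -> 0755)
    and return the new permission bits. Refuses anything that is not a regular
    file so an attacker cannot have this chmod applied through a symlink."""
    st = os.lstat(path)
    if not stat.S_ISREG(st.st_mode):
        raise ValueError(f"not a regular file: {path}")
    new_mode = stat.S_IMODE(st.st_mode) & ~(stat.S_IWGRP | stat.S_IWOTH)
    os.chmod(path, new_mode)
    return new_mode


def build_sample_cron_dir():
    """Constructed fixture: a private temp dir holding one world-writable
    script named after the one in the advisory and one correctly permissioned
    script. Returns (directory, bad_path, good_path)."""
    directory = tempfile.mkdtemp(prefix="cron.daily-")
    bad = os.path.join(directory, "clean_secbi_old_logs")
    good = os.path.join(directory, "safe_job")
    for path in (bad, good):
        with open(path, "w") as fh:
            fh.write("#!/bin/sh\nexit 0\n")
    os.chmod(bad, 0o777)   # the misconfiguration: anyone can append commands
    os.chmod(good, 0o755)  # what a root-run cron script should look like
    return directory, bad, good


if __name__ == "__main__":
    directory, bad, _ = build_sample_cron_dir()
    for path, problem in audit_cron_dir(directory, expected_uid=os.getuid()):
        print(f"{problem}: {path}")
    print(f"hardened {bad} to {oct(harden(bad))}")
    print("remaining findings:", audit_cron_dir(directory, expected_uid=os.getuid()))
```

The ownership check matters as much as the mode bits: a script owned by a non-root account is editable by that account regardless of the other-write bit, so the audit flags both. The fix for a deployed Logpoint system remains the upgrade given under Solution; the chmod here only closes the hole on a host that cannot be upgraded immediately.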
Affected Product
Logpoint v7.0.0 to v7.1.1
Solution
Upgrade Logpoint to v7.1.2.
Acknowledgments
Timo Fahlenbock, IT Manager for StrikoWestofen GmbH in Norican Group (DISA)
Advisory ID: LVD-2022-002
CVSSv3.1 Vector: AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:H/RL:U/RC:C
CVSSv3.1 Base Score: 8.4
CWE: CWE-1336 (Improper Neutralization of Special Elements Used in a Template Engine), CWE-78 (Improper Neutralization of Special Elements used in an OS Command)
Date Published: 2022-09-28
Last Updated: 2022-10-12
Description
A server-side template injection was found in the search template feature. Search templates are rendered with the Jinja templating engine to generate dynamic content, and because the template text is user-controlled, Jinja expressions placed in a template are evaluated on the server. Any user who is permitted to create a search template can abuse this to execute arbitrary code on the system as the loginspect user.
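The vulnerable pattern and a sandboxed variant, as an added Python example rather than Logpoint's own code. The advisory does not show the implementation, so render_vulnerable, render_sandboxed, the sample search result and the probe template are assumptions constructed to illustrate the class of bug; the example requires the jinja2 package.

```python
"""Added example, not Logpoint's code: the pattern behind a Jinja server-side
template injection (CWE-1336) in a "search template" feature, beside a
sandboxed variant. The advisory does not show Logpoint's implementation; the
two render functions, the sample search result and the probe template are
assumptions constructed for illustration. Requires the jinja2 package."""
from jinja2 import Environment
from jinja2.exceptions import SecurityError
from jinja2.sandbox import SandboxedEnvironment

# Constructed stand-in for the data a search result would expose to a template.
SEARCH_RESULT = {"source": "firewall", "hits": 42}

# A benign template: the only kind of thing the feature is meant to allow.
BENIGN = "{{ hits }} hits from {{ source }}"

# Classic Jinja SSTI probe: walk from a string literal to object.__subclasses__().
# It runs no command itself, but on an unsandboxed engine this reachability is
# what a real payload extends into os.popen() or subprocess (hence CWE-78).
PROBE = "{{ ''.__class__.__mro__[1].__subclasses__() | length > 0 }}"


def render_vulnerable(template_source, context):
    """The vulnerable pattern: user-controlled text is compiled as the template.
    Every Jinja expression in it, including attribute walks into Python
    internals, is evaluated server-side with the service account's privileges."""
    env = Environment(autoescape=True)
    return env.from_string(template_source).render(**context)


def render_sandboxed(template_source, context):
    """Same interface, but SandboxedEnvironment refuses unsafe attribute access
    (names starting with '_', internals of functions and methods) and raises
    SecurityError instead of evaluating the expression."""
    env = SandboxedEnvironment(autoescape=True)
    return env.from_string(template_source).render(**context)


def probe_is_blocked(render):
    """True when `render` refuses the SSTI probe with a SecurityError."""
    try:
        render(PROBE, SEARCH_RESULT)
    except SecurityError:
        return True
    return False


if __name__ == "__main__":
    print("benign, unsandboxed :", render_vulnerable(BENIGN, SEARCH_RESULT))
    print("benign, sandboxed   :", render_sandboxed(BENIGN, SEARCH_RESULT))
    print("probe, unsandboxed  :", render_vulnerable(PROBE, SEARCH_RESULT))
    print("probe blocked by sandbox:", probe_is_blocked(render_sandboxed))
```

The sandbox is a mitigation rather than the fix: it still evaluates arbitrary expressions (loops, large outputs, any filter registered in the environment), so resource exhaustion and logic abuse remain possible. The stronger design is to never compile user input as template source at all and instead ship fixed templates that receive user-chosen values as variables. For a deployed system, the remedy is the upgrade named under Solution.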
Solution
Upgrade Logpoint to v7.1.1.
Acknowledgments
Timo Fahlenbock, IT Manager for StrikoWestofen GmbH in Norican Group (DISA)