Timo Fahlenbock

**Name of the Vulnerable Software and Affected Versions** Logpoint versions prior to 7.1.1 **Description** An issue was discovered in the search template of Logpoint, where template injection was seen. The search template uses jinja templating for generating dynamic data, which could be abused to achieve code execution. Any user with access to create a search template can leverage this to execute code as the loginspect user. **Recommendations** For versions prior to 7.1.1, upgrade Logpoint to the latest version to mitigate the risk of remote attacks. As a temporary workaround, consider restricting access to create search templates to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Logpoint versions 7.1 through 7.1.1 Logpoint version 7.1.2 is not affected, so the range can be simplified to versions prior to 7.1.2. **Description** An issue was discovered in Logpoint where the daily executed cron file `clean secbi old logs` is writable by all users and is executed as root, leading to privilege escalation. **Recommendations** For Logpoint versions prior to 7.1.2, update to version 7.1.2 or later to resolve the issue. As a temporary workaround, consider changing the permissions of the `clean secbi old logs` cron file to prevent it from being writable by all users until a patch is applied.