PT-2024-11776 · Logpoint · Logpoint

Timo Fahlenbock · Published 2024-04-27 · Updated 2024-07-03 · CVE-2022-48685

CVSS v3.1: 7.7 High

Vector: AC:L/AV:L/A:H/C:H/I:H/PR:H/S:C/UI:R

Name of the Vulnerable Software and Affected Versions

Logpoint versions 7.1 through 7.1.1. Logpoint version 7.1.2 is not affected, so the range can be simplified to versions prior to 7.1.2.

Description

An issue was discovered in Logpoint where the daily executed cron file clean secbi old logs is writable by all users and is executed as root, leading to privilege escalation.

Recommendations

For Logpoint versions prior to 7.1.2, update to version 7.1.2 or later to resolve the issue. As a temporary workaround, consider changing the permissions of the clean secbi old logs cron file to prevent it from being writable by all users until a patch is applied.
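
A defender-side check for the weakness described above, with the permission workaround applied per file. This is an added example, not Logpoint code or part of the original advisory. The function names and the default list of cron locations are assumptions; the advisory does not state the path of the affected file.

```shell
#!/bin/sh
# Added example: audit cron locations for root-run job files that
# non-root users can modify (the weakness class in this advisory).
# CRON_PATHS is an assumption (common Linux cron locations); the
# advisory does not say where the affected file is installed.
CRON_PATHS="/etc/crontab /etc/cron.d /etc/cron.hourly /etc/cron.daily /etc/cron.weekly /etc/cron.monthly"

# Print every regular file under the given paths (default: CRON_PATHS)
# that is writable by group or others.
# Returns 1 if at least one such file was found, 0 otherwise.
audit_cron_perms() {
    [ "$#" -gt 0 ] || set -- $CRON_PATHS
    found=0
    for p in "$@"; do
        [ -e "$p" ] || continue
        # -L: a symlinked job is judged by the permissions of its target,
        # because that target is what cron ends up executing.
        hits=$(find -L "$p" -type f \( -perm -002 -o -perm -020 \) -print 2>/dev/null)
        if [ -n "$hits" ]; then
            printf '%s\n' "$hits"
            found=1
        fi
    done
    return "$found"
}

# Temporary workaround from the advisory: remove group/other write
# access from one cron file. Upgrading remains the actual fix.
harden_cron_file() {
    chmod go-w -- "$1"
}
```

Run `audit_cron_perms` with no arguments as root to scan the default locations, then pass each reported path to `harden_cron_file` after confirming its contents have not been altered.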

Fix

Incorrect Default Permissions

Weakness Enumeration

Related Identifiers

CVE-2022-48685

Affected Products

Logpoint