CVE-2022-48587

A SQL injection vulnerability exists in the “schedule editor” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.securifera.com/advisories/cve-2022-48587/	Third Party Advisory
https://www.securifera.com/advisories/cve-2022-48587/	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:33

Type	Values Removed	Values Added
References	~~() https://www.securifera.com/advisories/cve-2022-48587/ - Third Party Advisory~~	() https://www.securifera.com/advisories/cve-2022-48587/ - Third Party Advisory
Summary		(es) Existe una vulnerabilidad de inyección SQL en la función "editor de programación" de SL1 de ScienceLogic que toma la entrada controlada por el usuario sin sanitizar y la pasa directamente a una consulta SQL. Esto permite la inyección de SQL arbitrario antes de ser ejecutado contra la base de datos.

Information

Published : 2023-08-09 18:15

Updated : 2024-11-21 07:33

NVD link : CVE-2022-48587

Mitre link : CVE-2022-48587

CVE.ORG link : CVE-2022-48587

JSON object : View

Products Affected

sciencelogic

sl1

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

{"id": "CVE-2022-48587", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "contact@securifera.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2023-08-09T18:15:12.187", "references": [{"url": "https://www.securifera.com/advisories/cve-2022-48587/", "tags": ["Third Party Advisory"], "source": "contact@securifera.com"}, {"url": "https://www.securifera.com/advisories/cve-2022-48587/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "contact@securifera.com", "description": [{"lang": "en", "value": "CWE-78"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "A SQL injection vulnerability exists in the \u201cschedule editor\u201d feature of the ScienceLogic SL1 that takes unsanitized user\u2010controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database."}, {"lang": "es", "value": "Existe una vulnerabilidad de inyecci\u00f3n SQL en la funci\u00f3n \"editor de programaci\u00f3n\" de SL1 de ScienceLogic que toma la entrada controlada por el usuario sin sanitizar y la pasa directamente a una consulta SQL. Esto permite la inyecci\u00f3n de SQL arbitrario antes de ser ejecutado contra la base de datos."}], "lastModified": "2024-11-21T07:33:33.150", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sciencelogic:sl1:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4CBE823D-513F-4D03-9D6A-C8F02F379CD9", "versionEndIncluding": "11.1.2"}], "operator": "OR"}]}], "sourceIdentifier": "contact@securifera.com"}