CVE-2022-48600

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 9, 2023
Updated: Nov 7, 2023
CWE ID 78
CWE ID 89

Summary

CVE-2022-48600 is a SQL injection vulnerability discovered in ScienceLogic SL1's "notes view" feature. Unsanitized user input is directly incorporated into SQL queries, enabling attackers to inject malicious SQL code and access or modify sensitive data in the database without proper authorization. This vulnerability poses a significant risk, as it can lead to unauthorized data access and manipulation. It is crucial for ScienceLogic SL1 users to apply the available patch or update to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share