CVE-2022-48587: 
ScienceLogic SL1 Agent vulnerability analysis and mitigation

A SQL injection vulnerability (CVE-2022-48587) was discovered in the "schedule editor" feature of ScienceLogic SL1 versions 11.1.2 and earlier. The vulnerability was disclosed on August 9, 2023, after being initially reported to the vendor on September 6, 2022. The issue affects the ScienceLogic SL1 platform, which processes unsanitized user-controlled input directly in SQL queries (Securifera).

The vulnerability exists due to improper handling of user input in the "schedule editor" feature, where unsanitized user-controlled input is passed directly to SQL queries without proper validation. The vulnerability has been assigned a CVSS v3.1 score of 8.8 (High), with the following vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. This indicates network accessibility, low attack complexity, low privileges required, no user interaction needed, and high impacts on confidentiality, integrity, and availability (Securifera).

The SQL injection vulnerability allows attackers to inject and execute arbitrary SQL commands against the database. This could potentially lead to unauthorized access to sensitive data, manipulation of database contents, and compromise of the system's integrity (Securifera).

Users are advised to update to the latest version of ScienceLogic SL1 beyond version 11.1.2 to address this vulnerability (Securifera).

The disclosure process faced significant resistance from the vendor, who initially refused CVE issuance and disclosure. The vendor hired a law firm to manage the disclosure process, and their legal team strongly advised against disclosing to MITRE. Despite these objections, the vulnerability was eventually publicly disclosed on August 9, 2023 (Securifera).