CVE-2022-48596: 
ScienceLogic SL1 Agent vulnerability analysis and mitigation

A SQL injection vulnerability (CVE-2022-48596) was discovered in ScienceLogic SL1's "ticket queue watchers" feature. The vulnerability was identified in versions 11.1.2 and earlier, with the initial vendor notification occurring on September 6, 2022, and public disclosure on August 9, 2023. The vulnerability stems from unsanitized user-controlled input being passed directly to SQL queries (Securifera Advisory).

The vulnerability has been assigned a CVSS v3.1 score of 8.8 (High), with the following vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. This indicates that the vulnerability is network-accessible, requires low attack complexity, needs low privileges, requires no user interaction, and can result in high impacts to confidentiality, integrity, and availability (Securifera Advisory).

The SQL injection vulnerability allows attackers to inject arbitrary SQL commands that are executed directly against the database. This could potentially lead to unauthorized access to sensitive data, manipulation of database contents, and compromise of the system's integrity (Securifera Advisory).

Users are advised to update to the latest version of ScienceLogic SL1 beyond version 11.1.2 to address this vulnerability (Securifera Advisory).

The disclosure process faced significant resistance from the vendor, who initially refused CVE issuance and disclosure. The vendor hired a law firm to manage the disclosure process, and their legal team strongly advised against disclosing to MITRE. Despite these challenges, the vulnerability was eventually publicly disclosed on August 9, 2023 (Securifera Advisory).