CVE-2022-48604: 
ScienceLogic SL1 Agent vulnerability analysis and mitigation

A SQL injection vulnerability (CVE-2022-48604) was discovered in the "logging export" feature of ScienceLogic SL1 versions 11.1.2 and earlier. The vulnerability was identified on September 6, 2022, and publicly disclosed on August 9, 2023. The issue stems from unsanitized user-controlled input being passed directly to SQL queries (Securifera Advisory).

The vulnerability has been assigned a CVSS v3.1 score of 8.8 (High) with the following vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. This indicates that the vulnerability requires network access, low attack complexity, low privileges, and no user interaction, while potentially impacting confidentiality, integrity, and availability at high levels (Securifera Advisory).

The vulnerability allows attackers to inject arbitrary SQL queries that are executed against the database, potentially leading to unauthorized access to sensitive data, manipulation of database contents, and compromise of system integrity (Securifera Advisory).

Users are advised to update to the latest version of ScienceLogic SL1 beyond version 11.1.2 to address this vulnerability (Securifera Advisory).

The disclosure process faced significant resistance from the vendor, who initially refused CVE issuance and disclosure. The vendor hired a law firm to manage the disclosure process and strongly advised against disclosing to MITRE. Despite these challenges, the vulnerability was eventually publicly disclosed (Securifera Advisory).