CVE-2022-48582

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 9, 2023

Updated: Aug 11, 2023

CWE ID 78

Summary

CVE-2022-48582 is a command injection vulnerability affecting the ticket report generate feature of ScienceLogic SL1. This issue arises due to the lack of input sanitization, allowing users to inject arbitrary shell commands and potentially gain unauthorized access to the underlying operating system. The vulnerability poses a significant risk to the security of ScienceLogic SL1 systems, and immediate remediation is advised to prevent potential exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sR50vL
https://www.cve.org/CVERecord?id=CVE-2022-48582
https://nvd.nist.gov/vuln/detail/CVE-2022-48582

Back to Vulnerability Database

CVE-2022-48582

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations