CVE-2022-48603

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 9, 2023

Updated: Nov 7, 2023

CWE ID 78

CWE ID 89

Summary

CVE-2022-48603 is a SQL injection vulnerability affecting ScienceLogic SL1's "message viewer iframe" feature. The issue arises from unsanitized user input being directly incorporated into SQL queries. An attacker can exploit this weakness to inject malicious SQL code, potentially gaining unauthorized access to sensitive data or database functionality. This vulnerability poses a significant risk and requires immediate remediation to prevent potential data breaches.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sR6R7C
https://www.cve.org/CVERecord?id=CVE-2022-48603
https://nvd.nist.gov/vuln/detail/CVE-2022-48603

Back to Vulnerability Database

CVE-2022-48603

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations