[KBA-79147] Critical vulnerability affecting the Hardware inventory task in Security Center 5.11.2.0
A critical vulnerability has been identified that affects the Hardware inventory task in Security Center 5.11.2.0.
This vulnerability might put your system at risk. Malicious actors could bypass the client-side protection, execute SQL queries, and run system commands through the Hardware inventory task.
Applies to
Security Center 5.11.2.0
Cause
This issue, identified as CVE-2023-1522, is due to an improper handling of user input by the system.
Workaround
If you cannot update your system now, deny the Hardware inventory privilege for all users until the patch is applied. For more information, see Restricting user privileges (Advanced).
Status
This issue is resolved in Security Center 5.11.2.1.