[KBA-79147] Critical vulnerability affecting the Hardware inventory task in Security Center 5.11.2.0 - Security Center 5.11.2.0

Applies to
Security Center 5.11.2.0
Last updated
2023-04-04
Internal reference number
3346761
Content type
KB articles
Language
English
Product
Security Center
Version
5.11

[KBA-79147] Critical vulnerability affecting the Hardware inventory task in Security Center 5.11.2.0

A critical vulnerability has been identified that affects the Hardware inventory task in Security Center 5.11.2.0.

This vulnerability might put your system at risk. Malicious actors could bypass the client-side protection, execute SQL queries, and run system commands through the Hardware inventory task.

Applies to

Security Center 5.11.2.0

Cause

This issue, identified as CVE-2023-1522, is due to an improper handling of user input by the system.

Workaround

CAUTION:
To prevent this issue, we strongly recommend that you update your system to Security Center 5.11.2.1 or later as soon as possible.

If you cannot update your system now, deny the Hardware inventory privilege for all users until the patch is applied. For more information, see Restricting user privileges (Advanced).

Status

This issue is resolved in Security Center 5.11.2.1.