Ryan Wincey

**Name of the Vulnerable Software and Affected Versions** Okta Verify for Windows versions prior to 5.0.2 **Description** The issue concerns a privilege escalation vulnerability through DLL hijacking. The vulnerability is fixed in version 5.0.2. **Recommendations** For versions prior to 5.0.2, upgrade to version 5.0.2 or greater to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Okta Verify for Windows (affected versions not specified) **Description** The issue is related to the auto-update service of Okta Verify for Windows, which is vulnerable to two flaws that can be combined to execute arbitrary code. This could allow a remote attacker to perform malicious actions. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** BMC PATROL Agent versions prior to 20.08.00 **Description** The issue allows local privilege escalation via vectors involving `pconfig` and the `+RESTART -host` options. **Recommendations** For versions prior to 20.08.00, update to version 20.08.00 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** ScienceLogic SL1 (affected versions not specified) **Description** A SQL injection issue exists in the “notes view” feature of the ScienceLogic SL1. This feature takes unsanitized user-controlled input and passes it directly to a SQL query, allowing for the injection of arbitrary SQL before being executed against the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ScienceLogic SL1 (affected versions not specified) **Description** A SQL injection issue exists in the “topology data service” feature, where unsanitized user-controlled input is passed directly to a SQL query, allowing the injection of arbitrary SQL before execution against the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ScienceLogic SL1 (affected versions not specified) **Description** A SQL injection issue exists in the “reporter events type” feature of the ScienceLogic SL1. This feature takes unsanitized user-controlled input and passes it directly to a SQL query, allowing for the injection of arbitrary SQL before being executed against the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ScienceLogic SL1 (affected versions not specified) **Description** A SQL injection issue exists in the "ticket event report" feature, where unsanitized user-controlled input is passed directly to a SQL query, allowing the injection of arbitrary SQL before execution against the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ScienceLogic SL1 (affected versions not specified) **Description** A SQL injection issue exists in the "ticket queue watchers" feature of the ScienceLogic SL1. This feature takes unsanitized user-controlled input and passes it directly to a SQL query, allowing for the injection of arbitrary SQL before being executed against the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ScienceLogic SL1 (affected versions not specified) **Description** A SQL injection issue exists in the "ticket template watchers" feature, where unsanitized user-controlled input is passed directly to a SQL query, allowing the injection of arbitrary SQL before execution against the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ScienceLogic SL1 (affected versions not specified) **Description** A command injection issue exists in the download and convert report feature, where unsanitized user-controlled input is passed directly to a shell command, allowing the injection of arbitrary commands to the underlying operating system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ScienceLogic SL1 (affected versions not specified) **Description** A SQL injection issue exists in the "admin dynamic app mib errors" feature, where unsanitized user-controlled input is passed directly to a SQL query, allowing the injection of arbitrary SQL that is then executed against the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ScienceLogic SL1 (affected versions not specified) **Description** A SQL injection issue exists in the `vendor state` parameter of the "vendor print report" feature, allowing arbitrary SQL injection before execution against the database. This occurs because the feature takes unsanitized user-controlled input and passes it directly to a SQL query. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ScienceLogic SL1 (affected versions not specified) **Description** A SQL injection issue exists in the “admin brand portal” feature of the ScienceLogic SL1. This feature takes unsanitized user-controlled input and passes it directly to a SQL query, allowing for the injection of arbitrary SQL before being executed against the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ScienceLogic SL1 (affected versions not specified) **Description** A SQL injection issue exists in the `vendor country` parameter of the "vendor print report" feature. This feature takes unsanitized user-controlled input and passes it directly to a SQL query, allowing for the injection of arbitrary SQL before being executed against the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ScienceLogic SL1 (affected versions not specified) **Description** A SQL injection issue exists in the "schedule editor" feature of the ScienceLogic SL1. This feature takes unsanitized user-controlled input and passes it directly to a SQL query, allowing for the injection of arbitrary SQL before being executed against the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ScienceLogic SL1 (affected versions not specified) **Description** A SQL injection issue exists in the "ticket watchers email" feature, where unsanitized user-controlled input is passed directly to a SQL query, allowing the injection of arbitrary SQL before execution against the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ScienceLogic SL1 (affected versions not specified) **Description** A SQL injection issue exists in the “reporting job editor” feature of the ScienceLogic SL1. This feature takes unsanitized user-controlled input and passes it directly to a SQL query, allowing for the injection of arbitrary SQL before being executed against the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ScienceLogic SL1 (affected versions not specified) **Description** A SQL injection issue exists in the "schedule editor decoupled" feature, where unsanitized user-controlled input is passed directly to a SQL query, allowing the injection of arbitrary SQL that is then executed against the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ScienceLogic SL1 (affected versions not specified) **Description** A SQL injection issue exists in the "json walker" feature, where unsanitized user-controlled input is passed directly to a SQL query, allowing the injection of arbitrary SQL that is then executed against the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ScienceLogic SL1 (affected versions not specified) **Description** A SQL injection issue exists in the “reporter events type date” feature of the ScienceLogic SL1. This feature takes unsanitized user-controlled input and passes it directly to a SQL query, allowing for the injection of arbitrary SQL before being executed against the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.