ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A command injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a failure of the Dashboard Scheduler feature to properly filter construct command special characters, commands, etc., which can be exploited by an attacker to execute arbitrary commands on the system.