ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in home Graph-Data.
References
Link | Resource |
---|---|
https://www.manageengine.com/products/active-directory-audit/sqlfix-7271.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
10 Feb 2024, 01:04
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-89 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
References | () https://www.manageengine.com/products/active-directory-audit/sqlfix-7271.html - Vendor Advisory | |
Summary |
|
|
First Time |
Zohocorp
Zohocorp manageengine Adaudit Plus |
|
CPE | cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7202:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7200:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7220:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7260:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7211:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7201:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7210:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7215:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7251:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7203:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7270:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7212:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7250:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7213:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:*:*:*:*:*:*:*:* |
02 Feb 2024, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-02-02 13:15
Updated : 2024-02-10 01:04
NVD link : CVE-2024-0253
Mitre link : CVE-2024-0253
CVE.ORG link : CVE-2024-0253
JSON object : View
Products Affected
zohocorp
- manageengine_adaudit_plus
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')