What is the vulnerability ID for this vulnerability?

The vulnerability ID for this vulnerability is CVE-2019-11678.

What is the affected software for this vulnerability?

The affected software for this vulnerability is Zoho ManageEngine Firewall Analyzer.

What is the severity of CVE-2019-11678?

The severity of CVE-2019-11678 is critical.

What is the CWE ID for this vulnerability?

The CWE ID for this vulnerability is CWE-89.

How can I fix the vulnerability CVE-2019-11678?

To fix the vulnerability CVE-2019-11678, update Zoho ManageEngine Firewall Analyzer to version 12.3 Build 123218 or later.

Vulnerability/
CVE-2019-11678

critical

9.8

CWE

2/5/2019

4/8/2024

CVE-2019-11678: SQL Injection

First published: Thu May 02 2019(Updated: )

The "default reports" feature in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123218 is vulnerable to SQL Injection.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Zohocorp Manageengine Firewall Analyzer	=7.2-7020
Zohocorp Manageengine Firewall Analyzer	=7.2-7021
Zohocorp Manageengine Firewall Analyzer	=7.4-7400
Zohocorp Manageengine Firewall Analyzer	=7.6-7600
Zohocorp Manageengine Firewall Analyzer	=8.0-8000
Zohocorp Manageengine Firewall Analyzer	=8.1-8110
Zohocorp Manageengine Firewall Analyzer	=8.3-8300
Zohocorp Manageengine Firewall Analyzer	=8.5-8500
Zohocorp Manageengine Firewall Analyzer	=12.0-12000
Zohocorp Manageengine Firewall Analyzer	=12.2-12200
Zohocorp Manageengine Firewall Analyzer	=12.3-12300
Zohocorp Manageengine Firewall Analyzer	=12.3-123008
Zohocorp Manageengine Firewall Analyzer	=12.3-123027
Zohocorp Manageengine Firewall Analyzer	=12.3-123045
Zohocorp Manageengine Firewall Analyzer	=12.3-123057
Zohocorp Manageengine Firewall Analyzer	=12.3-123064
Zohocorp Manageengine Firewall Analyzer	=12.3-123070
Zohocorp Manageengine Firewall Analyzer	=12.3-123083
Zohocorp Manageengine Firewall Analyzer	=12.3-123092
Zohocorp Manageengine Firewall Analyzer	=12.3-123126
Zohocorp Manageengine Firewall Analyzer	=12.3-123129
Zohocorp Manageengine Firewall Analyzer	=12.3-123137
Zohocorp Manageengine Firewall Analyzer	=12.3-123151
Zohocorp Manageengine Firewall Analyzer	=12.3-123156
Zohocorp Manageengine Firewall Analyzer	=12.3-123164
Zohocorp Manageengine Firewall Analyzer	=12.3-123169
Zohocorp Manageengine Firewall Analyzer	=12.3-123177
Zohocorp Manageengine Firewall Analyzer	=12.3-123182
Zohocorp Manageengine Firewall Analyzer	=12.3-123185
Zohocorp Manageengine Firewall Analyzer	=12.3-123186
Zohocorp Manageengine Firewall Analyzer	=12.3-123194
Zohocorp Manageengine Firewall Analyzer	=12.3-123197
Zohocorp Manageengine Firewall Analyzer	=12.3-123208

Never miss a vulnerability like this again

Reference Links

https://www.manageengine.com/products/firewall/release-notes.html

Frequently Asked Questions

What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2019-11678.
What is the affected software for this vulnerability?
The affected software for this vulnerability is Zoho ManageEngine Firewall Analyzer.
What is the severity of CVE-2019-11678?
The severity of CVE-2019-11678 is critical.
What is the CWE ID for this vulnerability?
The CWE ID for this vulnerability is CWE-89.
How can I fix the vulnerability CVE-2019-11678?
To fix the vulnerability CVE-2019-11678, update Zoho ManageEngine Firewall Analyzer to version 12.3 Build 123218 or later.

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/severity
agent/weakness
agent/references
agent/last-modified-date
agent/tags
agent/description
agent/first-publish-date
agent/event
vendor/zohocorp
canonical/zohocorp manageengine firewall analyzer
version/zohocorp manageengine firewall analyzer/7.2-7020
version/zohocorp manageengine firewall analyzer/7.2-7021
version/zohocorp manageengine firewall analyzer/7.4-7400
version/zohocorp manageengine firewall analyzer/7.6-7600
version/zohocorp manageengine firewall analyzer/8.0-8000
version/zohocorp manageengine firewall analyzer/8.1-8110
version/zohocorp manageengine firewall analyzer/8.3-8300
version/zohocorp manageengine firewall analyzer/8.5-8500
version/zohocorp manageengine firewall analyzer/12.0-12000
version/zohocorp manageengine firewall analyzer/12.2-12200
version/zohocorp manageengine firewall analyzer/12.3-12300
version/zohocorp manageengine firewall analyzer/12.3-123008
version/zohocorp manageengine firewall analyzer/12.3-123027
version/zohocorp manageengine firewall analyzer/12.3-123045
version/zohocorp manageengine firewall analyzer/12.3-123057
version/zohocorp manageengine firewall analyzer/12.3-123064
version/zohocorp manageengine firewall analyzer/12.3-123070
version/zohocorp manageengine firewall analyzer/12.3-123083
version/zohocorp manageengine firewall analyzer/12.3-123092
version/zohocorp manageengine firewall analyzer/12.3-123126
version/zohocorp manageengine firewall analyzer/12.3-123129
version/zohocorp manageengine firewall analyzer/12.3-123137
version/zohocorp manageengine firewall analyzer/12.3-123151
version/zohocorp manageengine firewall analyzer/12.3-123156
version/zohocorp manageengine firewall analyzer/12.3-123164
version/zohocorp manageengine firewall analyzer/12.3-123169
version/zohocorp manageengine firewall analyzer/12.3-123177
version/zohocorp manageengine firewall analyzer/12.3-123182
version/zohocorp manageengine firewall analyzer/12.3-123185
version/zohocorp manageengine firewall analyzer/12.3-123186
version/zohocorp manageengine firewall analyzer/12.3-123194
version/zohocorp manageengine firewall analyzer/12.3-123197
version/zohocorp manageengine firewall analyzer/12.3-123208