First published: Wed Dec 11 2019(Updated: )
Zoho ManageEngine Applications Manager before 13640 allows a remote authenticated SQL injection via the Agent servlet agentid parameter to the Agent.java process function.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zohocorp ManageEngine Applications Manager | <13.7 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for Zoho ManageEngine Applications Manager is CVE-2019-19650.
The severity of CVE-2019-19650 is high, with a severity value of 8.8.
CVE-2019-19650 is a vulnerability in Zoho ManageEngine Applications Manager that allows a remote authenticated SQL injection via the Agent servlet agentid parameter to the Agent.java process function.
CVE-2019-19650 affects Zoho ManageEngine Applications Manager versions up to 13.7.
Yes, a fix for CVE-2019-19650 is available. Please refer to the release notes for Zoho ManageEngine Applications Manager for more information on the fix.