critical
9.8
CWE
89
Advisory Published
Updated

CVE-2022-29535: SQL Injection

First published: Thu May 05 2022(Updated: )

Zoho ManageEngine OPManager through 125588 allows SQL Injection via a few default reports.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
ManageEngine OpManager MSP<12.5
ManageEngine OpManager MSP=12.5
ManageEngine OpManager MSP=12.5-build125000
ManageEngine OpManager MSP=12.5-build125002
ManageEngine OpManager MSP=12.5-build125100
ManageEngine OpManager MSP=12.5-build125101
ManageEngine OpManager MSP=12.5-build125102
ManageEngine OpManager MSP=12.5-build125108
ManageEngine OpManager MSP=12.5-build125110
ManageEngine OpManager MSP=12.5-build125111
ManageEngine OpManager MSP=12.5-build125112
ManageEngine OpManager MSP=12.5-build125113
ManageEngine OpManager MSP=12.5-build125114
ManageEngine OpManager MSP=12.5-build125116
ManageEngine OpManager MSP=12.5-build125117
ManageEngine OpManager MSP=12.5-build125118
ManageEngine OpManager MSP=12.5-build125120
ManageEngine OpManager MSP=12.5-build125121
ManageEngine OpManager MSP=12.5-build125123
ManageEngine OpManager MSP=12.5-build125124
ManageEngine OpManager MSP=12.5-build125125
ManageEngine OpManager MSP=12.5-build125136
ManageEngine OpManager MSP=12.5-build125137
ManageEngine OpManager MSP=12.5-build125139
ManageEngine OpManager MSP=12.5-build125140
ManageEngine OpManager MSP=12.5-build125143
ManageEngine OpManager MSP=12.5-build125144
ManageEngine OpManager MSP=12.5-build125145
ManageEngine OpManager MSP=12.5-build125156
ManageEngine OpManager MSP=12.5-build125157
ManageEngine OpManager MSP=12.5-build125158
ManageEngine OpManager MSP=12.5-build125159
ManageEngine OpManager MSP=12.5-build125161
ManageEngine OpManager MSP=12.5-build125163
ManageEngine OpManager MSP=12.5-build125174
ManageEngine OpManager MSP=12.5-build125175
ManageEngine OpManager MSP=12.5-build125176
ManageEngine OpManager MSP=12.5-build125177
ManageEngine OpManager MSP=12.5-build125178
ManageEngine OpManager MSP=12.5-build125180
ManageEngine OpManager MSP=12.5-build125181
ManageEngine OpManager MSP=12.5-build125192
ManageEngine OpManager MSP=12.5-build125193
ManageEngine OpManager MSP=12.5-build125194
ManageEngine OpManager MSP=12.5-build125195
ManageEngine OpManager MSP=12.5-build125196
ManageEngine OpManager MSP=12.5-build125197
ManageEngine OpManager MSP=12.5-build125198
ManageEngine OpManager MSP=12.5-build125201
ManageEngine OpManager MSP=12.5-build125204
ManageEngine OpManager MSP=12.5-build125212
ManageEngine OpManager MSP=12.5-build125213
ManageEngine OpManager MSP=12.5-build125214
ManageEngine OpManager MSP=12.5-build125215
ManageEngine OpManager MSP=12.5-build125216
ManageEngine OpManager MSP=12.5-build125228
ManageEngine OpManager MSP=12.5-build125229
ManageEngine OpManager MSP=12.5-build125230
ManageEngine OpManager MSP=12.5-build125231
ManageEngine OpManager MSP=12.5-build125232
ManageEngine OpManager MSP=12.5-build125233
ManageEngine OpManager MSP=12.5-build125312
ManageEngine OpManager MSP=12.5-build125323
ManageEngine OpManager MSP=12.5-build125324
ManageEngine OpManager MSP=12.5-build125326
ManageEngine OpManager MSP=12.5-build125328
ManageEngine OpManager MSP=12.5-build125329
ManageEngine OpManager MSP=12.5-build125340
ManageEngine OpManager MSP=12.5-build125341
ManageEngine OpManager MSP=12.5-build125342
ManageEngine OpManager MSP=12.5-build125343
ManageEngine OpManager MSP=12.5-build125344
ManageEngine OpManager MSP=12.5-build125346
ManageEngine OpManager MSP=12.5-build125358
ManageEngine OpManager MSP=12.5-build125359
ManageEngine OpManager MSP=12.5-build125360
ManageEngine OpManager MSP=12.5-build125361
ManageEngine OpManager MSP=12.5-build125362
ManageEngine OpManager MSP=12.5-build125364
ManageEngine OpManager MSP=12.5-build125366
ManageEngine OpManager MSP=12.5-build125367
ManageEngine OpManager MSP=12.5-build125375
ManageEngine OpManager MSP=12.5-build125376
ManageEngine OpManager MSP=12.5-build125377
ManageEngine OpManager MSP=12.5-build125378
ManageEngine OpManager MSP=12.5-build125379
ManageEngine OpManager MSP=12.5-build125380
ManageEngine OpManager MSP=12.5-build125381
ManageEngine OpManager MSP=12.5-build125382
ManageEngine OpManager MSP=12.5-build125386
ManageEngine OpManager MSP=12.5-build125392
ManageEngine OpManager MSP=12.5-build125393
ManageEngine OpManager MSP=12.5-build125394
ManageEngine OpManager MSP=12.5-build125397
ManageEngine OpManager MSP=12.5-build125398
ManageEngine OpManager MSP=12.5-build125399
ManageEngine OpManager MSP=12.5-build125405
ManageEngine OpManager MSP=12.5-build125410
ManageEngine OpManager MSP=12.5-build125411
ManageEngine OpManager MSP=12.5-build125413
ManageEngine OpManager MSP=12.5-build125414
ManageEngine OpManager MSP=12.5-build125415
ManageEngine OpManager MSP=12.5-build125416
ManageEngine OpManager MSP=12.5-build125417
ManageEngine OpManager MSP=12.5-build125420
ManageEngine OpManager MSP=12.5-build125428
ManageEngine OpManager MSP=12.5-build125430
ManageEngine OpManager MSP=12.5-build125431
ManageEngine OpManager MSP=12.5-build125432
ManageEngine OpManager MSP=12.5-build125433
ManageEngine OpManager MSP=12.5-build125434
ManageEngine OpManager MSP=12.5-build125437
ManageEngine OpManager MSP=12.5-build125446
ManageEngine OpManager MSP=12.5-build125448
ManageEngine OpManager MSP=12.5-build125450
ManageEngine OpManager MSP=12.5-build125451
ManageEngine OpManager MSP=12.5-build125452
ManageEngine OpManager MSP=12.5-build125453
ManageEngine OpManager MSP=12.5-build125455
ManageEngine OpManager MSP=12.5-build125456
ManageEngine OpManager MSP=12.5-build125457
ManageEngine OpManager MSP=12.5-build125466
ManageEngine OpManager MSP=12.5-build125467
ManageEngine OpManager MSP=12.5-build125468
ManageEngine OpManager MSP=12.5-build125469
ManageEngine OpManager MSP=12.5-build125470
ManageEngine OpManager MSP=12.5-build125476
ManageEngine OpManager MSP=12.5-build125482
ManageEngine OpManager MSP=12.5-build125483
ManageEngine OpManager MSP=12.5-build125485
ManageEngine OpManager MSP=12.5-build125486
ManageEngine OpManager MSP=12.5-build125487
ManageEngine OpManager MSP=12.5-build125488
ManageEngine OpManager MSP=12.5-build125489
ManageEngine OpManager MSP=12.5-build125567
ManageEngine OpManager MSP=12.5-build125568
ManageEngine OpManager MSP=12.5-build125587
ManageEngine OpManager MSP=12.5-build125588
ManageEngine OpManager MSP=12.5-build125604

Remedy

https://www.manageengine.com/network-monitoring/security-updates/cve-2022-29535.html

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2022-29535?

    CVE-2022-29535 is rated as a critical severity vulnerability due to its potential for SQL injection.

  • How do I fix CVE-2022-29535?

    To fix CVE-2022-29535, upgrade your ManageEngine OpManager to version 12.5 build 125589 or later.

  • Which versions of ManageEngine OpManager are affected by CVE-2022-29535?

    CVE-2022-29535 affects all ManageEngine OpManager versions below 12.5 build 125589.

  • What kind of attack does CVE-2022-29535 enable?

    CVE-2022-29535 allows attackers to execute arbitrary SQL queries through vulnerable default reports.

  • Is there a workaround for CVE-2022-29535 if I cannot upgrade immediately?

    There are no specific workarounds for CVE-2022-29535; upgrading to a patched version is the recommended action.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203