CVE-2022-47523: SQL Injection
First published: Thu Jan 05 2023(Updated: )
Zoho ManageEngine Access Manager Plus before 4309, Password Manager Pro before 12210, and PAM360 before 5801 are vulnerable to SQL Injection.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zohocorp Manageengine Password Manager Pro | <12.2 | |
| Zohocorp Manageengine Password Manager Pro | =12.2-build12200 | |
| Zohocorp Manageengine Pam360 | <5.8 | |
| Zohocorp Manageengine Pam360 | =5.8-build5800 | |
| Zohocorp Manageengine Access Manager Plus | <4.3 | |
| Zohocorp Manageengine Access Manager Plus | =4.3-build4300 | |
| Zohocorp Manageengine Access Manager Plus | =4.3-build4301 | |
| Zohocorp Manageengine Access Manager Plus | =4.3-build4302 | |
| Zohocorp Manageengine Access Manager Plus | =4.3-build4303 | |
| Zohocorp Manageengine Access Manager Plus | =4.3-build4304 | |
| Zohocorp Manageengine Access Manager Plus | =4.3-build4305 | |
| Zohocorp Manageengine Access Manager Plus | =4.3-build4306 | |
| Zohocorp Manageengine Access Manager Plus | =4.3-build4307 | |
| Zohocorp Manageengine Access Manager Plus | =4.3-build4308 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID of this issue is CVE-2022-47523.
What is the severity of CVE-2022-47523?
The severity of CVE-2022-47523 is critical with a score of 9.8.
Which software products are affected by CVE-2022-47523?
Zoho ManageEngine Access Manager Plus before 4309, Password Manager Pro before 12210, and PAM360 before 5801 are affected by CVE-2022-47523.
What is the CWE category associated with CVE-2022-47523?
CVE-2022-47523 is associated with CWE category 89.
Where can I find more information about CVE-2022-47523?
You can find more information about CVE-2022-47523 at the following link: [https://www.manageengine.com/privileged-session-management/advisory/cve-2022-47523.html](https://www.manageengine.com/privileged-session-management/advisory/cve-2022-47523.html)
- collector/nvd-index
- agent/weakness
- agent/references
- agent/type
- agent/event
- agent/severity
- agent/author
- agent/description
- agent/last-modified-date
- agent/remedy
- agent/tags
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/zohocorp
- canonical/zohocorp manageengine password manager pro
- version/zohocorp manageengine password manager pro/12.2-build12200
- canonical/zohocorp manageengine pam360
- version/zohocorp manageengine pam360/5.8-build5800
- canonical/zohocorp manageengine access manager plus
- version/zohocorp manageengine access manager plus/4.3-build4300
- version/zohocorp manageengine access manager plus/4.3-build4301
- version/zohocorp manageengine access manager plus/4.3-build4302
- version/zohocorp manageengine access manager plus/4.3-build4303
- version/zohocorp manageengine access manager plus/4.3-build4304
- version/zohocorp manageengine access manager plus/4.3-build4305
- version/zohocorp manageengine access manager plus/4.3-build4306
- version/zohocorp manageengine access manager plus/4.3-build4307
- version/zohocorp manageengine access manager plus/4.3-build4308