CVE-2024-5678: SQL Injection
First published: Thu Aug 01 2024(Updated: )
Zohocorp ManageEngine Applications Manager versions 170900 and below are vulnerable to the authenticated admin-only SQL Injection in the Create Monitor feature.
Credit: 0fc0942c-577d-436f-ae8e-945763c79b02
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zohocorp ManageEngine Applications Manager | <16.8 | |
| Zohocorp ManageEngine Applications Manager | =16.8 | |
| Zohocorp ManageEngine Applications Manager | =16.8-build16800 | |
| Zohocorp ManageEngine Applications Manager | =16.8-build16810 | |
| Zohocorp ManageEngine Applications Manager | =16.8-build16820 | |
| Zohocorp ManageEngine Applications Manager | =16.8-build16830 | |
| Zohocorp ManageEngine Applications Manager | =16.8-build16840 | |
| Zohocorp ManageEngine Applications Manager | =16.8-build16841 | |
| Zohocorp ManageEngine Applications Manager | =16.8-build16842 | |
| Zohocorp ManageEngine Applications Manager | =16.8-build16843 | |
| Zohocorp ManageEngine Applications Manager | =17.0 | |
| Zohocorp ManageEngine Applications Manager | =17.0-build170000 | |
| Zohocorp ManageEngine Applications Manager | =17.0-build170001 | |
| Zohocorp ManageEngine Applications Manager | =17.0-build170100 | |
| Zohocorp ManageEngine Applications Manager | =17.0-build170200 | |
| Zohocorp ManageEngine Applications Manager | =17.0-build170300 | |
| Zohocorp ManageEngine Applications Manager | =17.0-build170400 | |
| Zohocorp ManageEngine Applications Manager | =17.0-build170500 | |
| Zohocorp ManageEngine Applications Manager | =17.0-build170600 | |
| Zohocorp ManageEngine Applications Manager | =17.0-build170700 | |
| Zohocorp ManageEngine Applications Manager | =17.0-build170800 | |
| Zohocorp ManageEngine Applications Manager | =17.0-build170900 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/title
- agent/weakness
- agent/references
- agent/description
- agent/type
- agent/first-publish-date
- agent/severity
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/zohocorp
- canonical/zohocorp manageengine applications manager
- version/zohocorp manageengine applications manager/16.8
- version/zohocorp manageengine applications manager/16.8-build16800
- version/zohocorp manageengine applications manager/16.8-build16810
- version/zohocorp manageengine applications manager/16.8-build16820
- version/zohocorp manageengine applications manager/16.8-build16830
- version/zohocorp manageengine applications manager/16.8-build16840
- version/zohocorp manageengine applications manager/16.8-build16841
- version/zohocorp manageengine applications manager/16.8-build16842
- version/zohocorp manageengine applications manager/16.8-build16843
- version/zohocorp manageengine applications manager/17.0
- version/zohocorp manageengine applications manager/17.0-build170000
- version/zohocorp manageengine applications manager/17.0-build170001
- version/zohocorp manageengine applications manager/17.0-build170100
- version/zohocorp manageengine applications manager/17.0-build170200
- version/zohocorp manageengine applications manager/17.0-build170300
- version/zohocorp manageengine applications manager/17.0-build170400
- version/zohocorp manageengine applications manager/17.0-build170500
- version/zohocorp manageengine applications manager/17.0-build170600
- version/zohocorp manageengine applications manager/17.0-build170700
- version/zohocorp manageengine applications manager/17.0-build170800
- version/zohocorp manageengine applications manager/17.0-build170900