Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerable to SQL Injection while linking the databases.
References
Link | Resource |
---|---|
https://pitstop.manageengine.com/portal/en/community/topic/adselfservice-plus-6112-hotfix-release | Release Notes Vendor Advisory |
https://pitstop.manageengine.com/portal/en/community/topic/adselfservice-plus-6112-hotfix-release | Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 06:15
Type | Values Removed | Values Added |
---|---|---|
References | () https://pitstop.manageengine.com/portal/en/community/topic/adselfservice-plus-6112-hotfix-releaseĀ - Release Notes, Vendor Advisory |
Information
Published : 2021-09-10 16:15
Updated : 2024-11-21 06:15
NVD link : CVE-2021-37422
Mitre link : CVE-2021-37422
CVE.ORG link : CVE-2021-37422
JSON object : View
Products Affected
zohocorp
- manageengine_adselfservice_plus
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')