Zohocorp ManageEngine Applications Manager versions 170900 and below are vulnerable to the authenticated admin-only SQL Injection in the Create Monitor feature.
References
Link | Resource |
---|---|
https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2024-5678.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
15 Aug 2024, 18:05
Type | Values Removed | Values Added |
---|---|---|
First Time |
Zohocorp
Zohocorp manageengine Applications Manager |
|
CPE | cpe:2.3:a:zohocorp:manageengine_applications_manager:16.8:build16820:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.0:build170100:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:16.8:-:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:16.8:build16842:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.0:build170500:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.0:build170001:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:16.8:build16841:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:16.8:build16830:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.0:build170000:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.0:build170600:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.0:build170700:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.0:-:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:16.8:build16810:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.0:build170300:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:16.8:build16840:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.0:build170900:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:*:*:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:16.8:build16800:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.0:build170800:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.0:build170400:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.0:build170200:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:16.8:build16843:*:*:*:*:*:* |
|
References | () https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2024-5678.html - Vendor Advisory |
01 Aug 2024, 12:42
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
01 Aug 2024, 07:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-01 07:15
Updated : 2024-08-15 18:05
NVD link : CVE-2024-5678
Mitre link : CVE-2024-5678
CVE.ORG link : CVE-2024-5678
JSON object : View
Products Affected
zohocorp
- manageengine_applications_manager
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')