Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-38871

Zohocorp ManageEngine Exchange Reporter Plus versions 5717 and below are vulnerable to the authenticated SQL injection in the reports module.

Published

2024-07-26T18:15:03.137

Last Modified

2024-11-21T09:26:54.183

Status

Modified

Source

0fc0942c-577d-436f-ae8e-945763c79b02

Severity

CVSSv3.1: 8.3 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-89
  • Type: Primary
    CWE-89
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application zohocorp manageengine_exchange_reporter_plus < 5.7 Yes
Application zohocorp manageengine_exchange_reporter_plus 5.7 Yes
Application zohocorp manageengine_exchange_reporter_plus 5.7 Yes
Application zohocorp manageengine_exchange_reporter_plus 5.7 Yes
Application zohocorp manageengine_exchange_reporter_plus 5.7 Yes
Application zohocorp manageengine_exchange_reporter_plus 5.7 Yes
Application zohocorp manageengine_exchange_reporter_plus 5.7 Yes
Application zohocorp manageengine_exchange_reporter_plus 5.7 Yes
Application zohocorp manageengine_exchange_reporter_plus 5.7 Yes
Application zohocorp manageengine_exchange_reporter_plus 5.7 Yes
Application zohocorp manageengine_exchange_reporter_plus 5.7 Yes
Application zohocorp manageengine_exchange_reporter_plus 5.7 Yes
Application zohocorp manageengine_exchange_reporter_plus 5.7 Yes
Application zohocorp manageengine_exchange_reporter_plus 5.7 Yes
Application zohocorp manageengine_exchange_reporter_plus 5.7 Yes
Application zohocorp manageengine_exchange_reporter_plus 5.7 Yes
Application zohocorp manageengine_exchange_reporter_plus 5.7 Yes
Application zohocorp manageengine_exchange_reporter_plus 5.7 Yes
References