Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-5678

Zohocorp ManageEngine Applications Manager versions 170900 and below are vulnerable to the authenticated admin-only SQL Injection in the Create Monitor feature.

Published

2024-08-01T07:15:03.053

Last Modified

2024-08-15T18:05:54.847

Status

Analyzed

Source

0fc0942c-577d-436f-ae8e-945763c79b02

Severity

CVSSv3.1: 4.7 (MEDIUM)

Weaknesses
  • Type: Secondary
    CWE-89
  • Type: Primary
    CWE-89
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application zohocorp manageengine_applications_manager < 16.8 Yes
Application zohocorp manageengine_applications_manager 16.8 Yes
Application zohocorp manageengine_applications_manager 16.8 Yes
Application zohocorp manageengine_applications_manager 16.8 Yes
Application zohocorp manageengine_applications_manager 16.8 Yes
Application zohocorp manageengine_applications_manager 16.8 Yes
Application zohocorp manageengine_applications_manager 16.8 Yes
Application zohocorp manageengine_applications_manager 16.8 Yes
Application zohocorp manageengine_applications_manager 16.8 Yes
Application zohocorp manageengine_applications_manager 16.8 Yes
Application zohocorp manageengine_applications_manager 17.0 Yes
Application zohocorp manageengine_applications_manager 17.0 Yes
Application zohocorp manageengine_applications_manager 17.0 Yes
Application zohocorp manageengine_applications_manager 17.0 Yes
Application zohocorp manageengine_applications_manager 17.0 Yes
Application zohocorp manageengine_applications_manager 17.0 Yes
Application zohocorp manageengine_applications_manager 17.0 Yes
Application zohocorp manageengine_applications_manager 17.0 Yes
Application zohocorp manageengine_applications_manager 17.0 Yes
Application zohocorp manageengine_applications_manager 17.0 Yes
Application zohocorp manageengine_applications_manager 17.0 Yes
Application zohocorp manageengine_applications_manager 17.0 Yes
References