Lucene search
ManageEngineCVE-2024-36518HistoryAug 12, 2024 - 1:38 p.m.
CVE-2024-36518
2024-08-1213:38:22
CWE-89
ManageEngine
web.nvd.nist.gov
27
zohocorp
manageengine
adaudit plus
sql injection
cve-2024-36518
vulnerable
authenticated
attack surface analyzer's dashboard
CVSS3
8.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
EPSS
0
Percentile
9.5%
Zohocorp ManageEngine ADAudit Plus versions belowย 8110 are vulnerable to authenticated SQL Injection in attack surface analyzerโs dashboard.
CNA Affected
[
{
"collectionURL": "https://www.manageengine.com/products/active-directory-audit/download.html",
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "ADAudit Plus",
"vendor": "ManageEngine",
"versions": [
{
"lessThanOrEqual": "8110",
"status": "affected",
"version": "0",
"versionType": "8110"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2024-36518 SQL Injection
2024-08-12 07:13:49
cvelist
cvelist
CVE-2024-36518 SQL Injection
2024-08-12 07:13:49
nvd
nvd
CVE-2024-36518
2024-08-12 13:38:22
nessus
nessus
ManageEngine ADAudit Plus < Build 8110 Multiple Vulnerabilities
2024-08-15 00:00:00
CVSS3
8.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
EPSS
0
Percentile
9.5%
Related for CVE-2024-36518