Lucene search
ManageEngineCVELIST:CVE-2024-5586HistoryAug 23, 2024 - 1:54 p.m.
CVE-2024-5586 SQL Injection
2024-08-2313:54:53
CWE-89
ManageEngine
www.cve.org
2
adaudit plus
sql injection
extranet lockouts
CVSS3
8.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
EPSS
0.001
Percentile
31.8%
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in extranet lockouts report option.
CNA Affected
[
{
"collectionURL": "https://www.manageengine.com/products/active-directory-audit/",
"defaultStatus": "unaffected",
"product": "ADAudit Plus",
"vendor": "ManageEngine",
"versions": [
{
"lessThan": "8000",
"status": "affected",
"version": "0",
"versionType": "8121"
}
]
}
]Related
cve
cve
CVE-2024-5586
2024-08-23 14:15:11
nvd
nvd
CVE-2024-5586
2024-08-23 14:15:11
vulnrichment
vulnrichment
CVE-2024-5586 SQL Injection
2024-08-23 13:54:53
nessus
nessus
ManageEngine ADAudit Plus < Build 8121 Multiple Vulnerabilities
2024-08-28 00:00:00
CVSS3
8.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
EPSS
0.001
Percentile
31.8%
Related for CVELIST:CVE-2024-5586