Lucene search

[email protected]NVD:CVE-2022-43671

HistoryNov 12, 2022 - 4:15 a.m.

CVE-2022-43671

2022-11-1204:15:10

CWE-89

[email protected]

web.nvd.nist.gov

zoho manageengine

sql injection

password manager pro

pam360

access manager plus

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.028 Low

EPSS

Percentile

90.7%

JSON

Zoho ManageEngine Password Manager Pro before 12122, PAM360 before 5711, and Access Manager Plus before 4306 allow SQL Injection.

Affected configurations

NVD

Node

zohocorpmanageengine_access_manager_plusRange<4.3

zohocorpmanageengine_access_manager_plusMatch4.3build4300

zohocorpmanageengine_access_manager_plusMatch4.3build4301

zohocorpmanageengine_access_manager_plusMatch4.3build4302

zohocorpmanageengine_access_manager_plusMatch4.3build4303

zohocorpmanageengine_access_manager_plusMatch4.3build4304

zohocorpmanageengine_access_manager_plusMatch4.3build4305

zohocorpmanageengine_pam360Range<5.7

zohocorpmanageengine_pam360Match5.7build5700

zohocorpmanageengine_pam360Match5.7build5710

zohocorpmanageengine_password_manager_proRange<12.1

zohocorpmanageengine_password_manager_proMatch12.1build12100

zohocorpmanageengine_password_manager_proMatch12.1build12101

zohocorpmanageengine_password_manager_proMatch12.1build12110

zohocorpmanageengine_password_manager_proMatch12.1build12120

zohocorpmanageengine_password_manager_proMatch12.1build12121

References

www.manageengine.com/products/passwordmanagerpro/advisory/cve-2022-43671.html

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.028 Low

EPSS

Percentile

90.7%

JSON

Related for NVD:CVE-2022-43671

cve2 prion2 cvelist2 nvd1