Lucene search
K

The vulnerability of the Windows Active Directory (AD) management and reporting software Zoho ManageEngine ADAudit Plus lies in the lack of protection for SQL query structures, allowing attackers to execute custom queries and gain access to database table records.

🗓️ 27 Nov 2024 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType 
bdu_fstec
 bdu_fstec
🔗 bdu.fstec.ru👁 3 Views

ADAudit Plus has unprotected SQL query structures, enabling attackers to run custom queries.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
CNNVD
ZOHO ManageEngine ADAudit Plus 安全漏洞
12 Aug 202400:00
cnnvd
CVE
CVE-2024-5487
12 Aug 202407:04
cve
Cvelist
CVE-2024-5487 SQL Injection
12 Aug 202407:04
cvelist
EUVD
EUVD-2024-46697
3 Oct 202520:07
euvd
Tenable Nessus
ManageEngine ADAudit Plus < Build 8110 Multiple Vulnerabilities
15 Aug 202400:00
nessus
NVD
CVE-2024-5487
12 Aug 202413:38
nvd
OSV
CVE-2024-5487
12 Aug 202413:38
osv
Positive Technologies
PT-2024-8781 · Zohocorp · Zoho Manageengine Adaudit Plus
14 Jun 202400:00
ptsecurity
RedhatCVE
CVE-2024-5487
5 Feb 202506:13
redhatcve
Vulnrichment
CVE-2024-5487 SQL Injection
12 Aug 202407:04
vulnrichment
Rows per page
Vulners

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

27 Nov 2024 00:00Current
5.7Medium risk
Vulners AI Score5.7
CVSS 38.3
CVSS 28.7
EPSS0.04702
3