Lucene search

K
cve[email protected]CVE-2022-37024
HistoryAug 10, 2022 - 8:16 p.m.

CVE-2022-37024

2022-08-1020:16:05
web.nvd.nist.gov
31
6
cve-2022-37024
zoho
manageengine
opmanager
opmanager plus
opmanager msp
network configuration manager
netflow analyzer
oputils
authenticated users
database changes
remote code execution

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.6%

Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution.

Affected configurations

NVD
Node
zohocorpmanageengine_firewall_analyzerMatch12.5build125450
OR
zohocorpmanageengine_firewall_analyzerMatch12.5build125451
OR
zohocorpmanageengine_firewall_analyzerMatch12.5build125452
OR
zohocorpmanageengine_firewall_analyzerMatch12.5build125453
OR
zohocorpmanageengine_firewall_analyzerMatch12.5build125455
OR
zohocorpmanageengine_firewall_analyzerMatch12.5build125456
OR
zohocorpmanageengine_firewall_analyzerMatch12.5build125664
OR
zohocorpmanageengine_firewall_analyzerMatch12.6build126000
OR
zohocorpmanageengine_firewall_analyzerMatch12.6build126001
OR
zohocorpmanageengine_firewall_analyzerMatch12.6build126100
OR
zohocorpmanageengine_firewall_analyzerMatch12.6build126101
OR
zohocorpmanageengine_firewall_analyzerMatch12.6build126102
OR
zohocorpmanageengine_firewall_analyzerMatch12.6build126103
OR
zohocorpmanageengine_firewall_analyzerMatch12.6build126113
OR
zohocorpmanageengine_firewall_analyzerMatch12.6build126114
OR
zohocorpmanageengine_firewall_analyzerMatch12.6build126115
OR
zohocorpmanageengine_firewall_analyzerMatch12.6build126116
OR
zohocorpmanageengine_firewall_analyzerMatch12.6build126117
OR
zohocorpmanageengine_netflow_analyzerMatch12.5build125450
OR
zohocorpmanageengine_netflow_analyzerMatch12.5build125451
OR
zohocorpmanageengine_netflow_analyzerMatch12.5build125452
OR
zohocorpmanageengine_netflow_analyzerMatch12.5build125453
OR
zohocorpmanageengine_netflow_analyzerMatch12.5build125455
OR
zohocorpmanageengine_netflow_analyzerMatch12.5build125456
OR
zohocorpmanageengine_netflow_analyzerMatch12.5build125664
OR
zohocorpmanageengine_netflow_analyzerMatch12.6build126000
OR
zohocorpmanageengine_netflow_analyzerMatch12.6build126001
OR
zohocorpmanageengine_netflow_analyzerMatch12.6build126100
OR
zohocorpmanageengine_netflow_analyzerMatch12.6build126101
OR
zohocorpmanageengine_netflow_analyzerMatch12.6build126102
OR
zohocorpmanageengine_netflow_analyzerMatch12.6build126103
OR
zohocorpmanageengine_netflow_analyzerMatch12.6build126113
OR
zohocorpmanageengine_netflow_analyzerMatch12.6build126114
OR
zohocorpmanageengine_netflow_analyzerMatch12.6build126115
OR
zohocorpmanageengine_netflow_analyzerMatch12.6build126116
OR
zohocorpmanageengine_netflow_analyzerMatch12.6build126117
OR
zohocorpmanageengine_network_configuration_managerMatch12.5build125450
OR
zohocorpmanageengine_network_configuration_managerMatch12.5build125451
OR
zohocorpmanageengine_network_configuration_managerMatch12.5build125452
OR
zohocorpmanageengine_network_configuration_managerMatch12.5build125453
OR
zohocorpmanageengine_network_configuration_managerMatch12.5build125455
OR
zohocorpmanageengine_network_configuration_managerMatch12.5build125456
OR
zohocorpmanageengine_network_configuration_managerMatch12.5build125664
OR
zohocorpmanageengine_network_configuration_managerMatch12.6build126000
OR
zohocorpmanageengine_network_configuration_managerMatch12.6build126001
OR
zohocorpmanageengine_network_configuration_managerMatch12.6build126100
OR
zohocorpmanageengine_network_configuration_managerMatch12.6build126101
OR
zohocorpmanageengine_network_configuration_managerMatch12.6build126102
OR
zohocorpmanageengine_network_configuration_managerMatch12.6build126103
OR
zohocorpmanageengine_network_configuration_managerMatch12.6build126113
OR
zohocorpmanageengine_network_configuration_managerMatch12.6build126114
OR
zohocorpmanageengine_network_configuration_managerMatch12.6build126115
OR
zohocorpmanageengine_network_configuration_managerMatch12.6build126116
OR
zohocorpmanageengine_network_configuration_managerMatch12.6build126117
OR
zohocorpmanageengine_opmanagerMatch12.5build125450
OR
zohocorpmanageengine_opmanagerMatch12.5build125451
OR
zohocorpmanageengine_opmanagerMatch12.5build125452
OR
zohocorpmanageengine_opmanagerMatch12.5build125453
OR
zohocorpmanageengine_opmanagerMatch12.5build125455
OR
zohocorpmanageengine_opmanagerMatch12.5build125456
OR
zohocorpmanageengine_opmanagerMatch12.5build125664
OR
zohocorpmanageengine_opmanagerMatch12.6build126000
OR
zohocorpmanageengine_opmanagerMatch12.6build126001
OR
zohocorpmanageengine_opmanagerMatch12.6build126100
OR
zohocorpmanageengine_opmanagerMatch12.6build126101
OR
zohocorpmanageengine_opmanagerMatch12.6build126102
OR
zohocorpmanageengine_opmanagerMatch12.6build126103
OR
zohocorpmanageengine_opmanagerMatch12.6build126113
OR
zohocorpmanageengine_opmanagerMatch12.6build126114
OR
zohocorpmanageengine_opmanagerMatch12.6build126115
OR
zohocorpmanageengine_opmanagerMatch12.6build126116
OR
zohocorpmanageengine_opmanagerMatch12.6build126117
OR
zohocorpmanageengine_opmanager_mspMatch12.5build125450
OR
zohocorpmanageengine_opmanager_mspMatch12.5build125656
OR
zohocorpmanageengine_opmanager_mspMatch12.5build125664
OR
zohocorpmanageengine_opmanager_mspMatch12.6build126000
OR
zohocorpmanageengine_opmanager_mspMatch12.6build126001
OR
zohocorpmanageengine_opmanager_mspMatch12.6build126100
OR
zohocorpmanageengine_opmanager_mspMatch12.6build126103
OR
zohocorpmanageengine_opmanager_mspMatch12.6build126113
OR
zohocorpmanageengine_opmanager_mspMatch12.6build126117
OR
zohocorpmanageengine_opmanager_plusMatch12.5build125450
OR
zohocorpmanageengine_opmanager_plusMatch12.5build125656
OR
zohocorpmanageengine_opmanager_plusMatch12.5build125664
OR
zohocorpmanageengine_opmanager_plusMatch12.6build126000
OR
zohocorpmanageengine_opmanager_plusMatch12.6build126001
OR
zohocorpmanageengine_opmanager_plusMatch12.6build126100
OR
zohocorpmanageengine_opmanager_plusMatch12.6build126103
OR
zohocorpmanageengine_opmanager_plusMatch12.6build126113
OR
zohocorpmanageengine_opmanager_plusMatch12.6build126117
OR
zohocorpmanageengine_oputilsMatch12.5build125450
OR
zohocorpmanageengine_oputilsMatch12.5build125451
OR
zohocorpmanageengine_oputilsMatch12.5build125452
OR
zohocorpmanageengine_oputilsMatch12.5build125453
OR
zohocorpmanageengine_oputilsMatch12.5build125455
OR
zohocorpmanageengine_oputilsMatch12.5build125456
OR
zohocorpmanageengine_oputilsMatch12.5build125664
OR
zohocorpmanageengine_oputilsMatch12.6build126000
OR
zohocorpmanageengine_oputilsMatch12.6build126001
OR
zohocorpmanageengine_oputilsMatch12.6build126100
OR
zohocorpmanageengine_oputilsMatch12.6build126101
OR
zohocorpmanageengine_oputilsMatch12.6build126102
OR
zohocorpmanageengine_oputilsMatch12.6build126103
OR
zohocorpmanageengine_oputilsMatch12.6build126113
OR
zohocorpmanageengine_oputilsMatch12.6build126114
OR
zohocorpmanageengine_oputilsMatch12.6build126115
OR
zohocorpmanageengine_oputilsMatch12.6build126116
OR
zohocorpmanageengine_oputilsMatch12.6build126117

Social References

More

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.6%

Related for CVE-2022-37024