Lucene search
0fc0942c-577d-436f-ae8e-945763c79b02NVD:CVE-2024-21775HistoryFeb 16, 2024 - 3:15 p.m.
CVE-2024-21775
2024-02-1615:15:08
CWE-89
0fc0942c-577d-436f-ae8e-945763c79b02
web.nvd.nist.gov
zoho manageengine
exchange reporter plus
sql injection
report exporting
vulnerability
8.3 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
0.0004 Low
EPSS
Percentile
9.2%
Zoho ManageEngine Exchange Reporter Plus versionsย 5714ย and below are vulnerable to the Authenticated SQL injection in report exporting feature.
Related
prion
prion
Sql injection
2024-02-16 15:15:00
cvelist
cvelist
CVE-2024-21775 SQL Injection
2024-02-16 14:35:11
cve
cve
CVE-2024-21775
2024-02-16 15:15:08
8.3 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
0.0004 Low
EPSS
Percentile
9.2%
Related for NVD:CVE-2024-21775