Lucene search
0fc0942c-577d-436f-ae8e-945763c79b02NVD:CVE-2024-36517HistoryAug 23, 2024 - 2:15 p.m.
CVE-2024-36517
2024-08-2314:15:10
CWE-89
0fc0942c-577d-436f-ae8e-945763c79b02
web.nvd.nist.gov
2
zohocorp manageengine adaudit plus
authenticated sql injection
alerts module
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
31.8%
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in alerts module.
Affected configurations
Node
zohocorpmanageengine_adaudit_plusRange<8.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zohocorp | manageengine_adaudit_plus | * | cpe:2.3:a:zohocorp:manageengine_adaudit_plus:*:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2024-36517
2024-08-23 14:15:10
vulnrichment
vulnrichment
CVE-2024-36517 SQL Injection
2024-08-23 13:34:01
cvelist
cvelist
CVE-2024-36517 SQL Injection
2024-08-23 13:34:01
nessus
nessus
ManageEngine ADAudit Plus < Build 8000 Multiple Vulnerabilities
2024-08-28 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
31.8%
Related for NVD:CVE-2024-36517