2024-11-26
:
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to an SQL Injection flaw in the technician reports functionality. This critical vulnerability could allow an authenticated attacker to execute malicious SQL queries and potentially gain access to sensitive data within the database.
Vulnerability Details:
Platform: ManageEngine ADAudit Plus
Version: Below 8121
Vulnerability: SQL Injection (CVE-2024-5608)
Severity: Critical (CVSS score: 8.3)
Date: October 24, 2024 (Published by NVD)
What Undercode Says:
This critical SQL injection vulnerability in ManageEngine ADAudit Plus can be exploited by attackers to compromise your system. It’s crucial to update your ADAudit Plus instance to version 8121 immediately to address this security risk. Additionally, consider implementing best practices for database security to further mitigate the risk of SQL injection attacks.
References:
Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help