ManageEngine ADAudit Plus Vulnerability (DC-2024-36518) – High

2024-11-22

: Zohocorp ManageEngine ADAudit Plus versions before 8110 are susceptible to an authenticated SQL injection flaw within the Attack Surface Analyzer’s dashboard. This vulnerability could allow an attacker to execute malicious queries and access database tables.

Vulnerability Details:

Platform: ManageEngine ADAudit Plus
Version: Below 8110
Vulnerability: Authenticated SQL Injection (CVE-2024-36518)
Severity: High
Date: August 12, 2024 (Published by NVD)

What Undercode Says:

This vulnerability can be exploited by an authenticated attacker to compromise the ManageEngine ADAudit Plus database. Upgrading to version 8110 or later is crucial to address this security risk.

Additional Notes:

The NVD entry for CVE-2024-36518 includes details about the vulnerability and references to a fix provided by ManageEngine.
This vulnerability was identified and reported by Nhien Pham (@nhienit) at Galaxy One.

References:

Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com

Image Source:

OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.helpFeatured Image

Scroll to Top