CVE-2023-49332

Name of the Vulnerable Software and Affected Versions Zoho ManageEngine ADAudit Plus versions below 7271

Description The issue allows SQL injection while adding file shares. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For Zoho ManageEngine ADAudit Plus versions below 7271, update to version 7271 or later to resolve the issue. As a temporary workaround, consider restricting access to the file share addition feature until a patch is available. Avoid using the feature that allows adding file shares in the affected versions until the issue is resolved.