PT-2024-26856 · Zohocorp · Zoho Manageengine Adaudit Plus

Minh Vo Van

+1

·

Published

2024-08-12

·

Updated

2024-08-16

·

CVE-2024-36035

CVSS v3.1

8.8

High

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Zohocorp ManageEngine ADAudit Plus versions below 8003
Description The issue is related to an authenticated SQL Injection vulnerability in user session recording.
Recommendations For Zohocorp ManageEngine ADAudit Plus versions below 8003, update to a version 8003 or later to resolve the issue.

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2024-36035

Affected Products

Zoho Manageengine Adaudit Plus