Zoho ManageEngine OpManager before 125588 (and before 125603) is vulnerable to authenticated SQL Injection in the Inventory Reports module.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P
Vendors Products
Zohocorp
  • Manageengine Opmanager

Configuration 1 [-]

OR cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:-:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125000:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125002:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125100:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125101:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125102:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125108:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125110:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125111:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125112:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125113:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125114:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125116:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125117:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125118:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125120:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125121:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125123:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125124:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125125:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125136:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125137:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125139:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125140:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125143:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125144:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125145:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125156:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125157:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125158:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125159:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125161:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125163:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125174:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125175:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125176:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125177:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125178:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125180:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125181:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125192:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125193:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125194:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125195:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125196:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125197:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125198:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125201:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125204:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125212:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125213:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125214:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125215:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125216:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125228:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125229:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125230:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125231:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125232:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125233:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125312:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125323:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125324:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125326:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125328:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125329:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125340:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125341:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125342:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125343:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125344:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125346:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125358:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125359:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125360:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125361:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125362:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125364:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125366:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125367:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125375:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125376:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125377:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125378:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125379:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125380:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125381:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125382:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125386:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125392:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125393:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125394:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125397:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125398:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125399:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125405:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125410:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125411:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125413:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125414:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125415:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125416:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125417:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125420:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125428:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125430:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125431:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125432:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125433:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125434:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125437:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125446:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125448:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125450:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125451:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125452:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125453:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125455:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125466:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125467:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125468:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125469:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125470:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125482:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125483:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125485:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125486:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125487:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125488:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125489:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125567:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125568:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125587:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125588:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125589:*:*:*:*:*:*
References
Link Resource
https://www.manageengine.com/network-monitoring/security-updates/cve-2022-27908.html Patch Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-04-18T12:17:13

Updated: 2022-04-18T12:17:13

Reserved: 2022-03-25T00:00:00

Link: CVE-2022-27908

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2022-04-18T13:15:08.177

Modified: 2022-04-26T16:35:32.123

Link: CVE-2022-27908

JSON object: View

cve-icon Redhat Information

No data.

CWE