March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – CVE-2024-1085 – Linux Kernel Vulnerability
February 6, 2024Rewterz Threat Advisory – CVE-2023-39297 – QNAP QTS, QuTS hero and QuTScloud Vulnerability
February 6, 2024Rewterz Threat Advisory – CVE-2024-1085 – Linux Kernel Vulnerability
February 6, 2024Rewterz Threat Advisory – CVE-2023-39297 – QNAP QTS, QuTS hero and QuTScloud Vulnerability
February 6, 2024
Severity
High
Analysis Summary
CVE-2024-0253
ManageEngine ADAudit Plus is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to the Dashboard’s Graphical and Summary views, which could allow the attacker to view, add, modify or delete information in the back-end database.
Impact
- Data Manipulation
Indicators Of Compromise
CVE
- CVE-2024-0253
Affected Vendors
Zoho
Affected Products
- Zoho ManageEngine ADAudit Plus 7270
Remediation
Refer to ManageEngine Website for patch, upgrade or suggested workaround information.