Rewterz
July 22, 2024

Multiple Zoho ManageEngine Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2024-21775 CVSS:8.3

Zoho ManageEngine Exchange Reporter Plus is vulnerable to SQL injection. A remote authenticated attacker could send specially crafted SQL statements to the report exporting feature, which could allow the attacker to view, add, modify or delete information in the back-end database.

CVE-2023-49333 CVSS:8.3

Zoho ManageEngine ADAudit Plus is vulnerable to SQL injection. A remote authenticated attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.

CVE-2023-49332 CVSS:8.3

Zoho ManageEngine ADAudit Plus is vulnerable to SQL injection. A remote authenticated attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.

CVE-2023-49334 CVSS:8.3

Zoho ManageEngine ADAudit Plus is vulnerable to SQL injection. A remote authenticated attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.

CVE-2023-49331 CVSS:8.3

Zoho ManageEngine ADAudit Plus is vulnerable to SQL injection. A remote authenticated attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.

CVE-2023-49335 CVSS:8.3

Zoho ManageEngine ADAudit Plus is vulnerable to SQL injection. A remote authenticated attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.

CVE-2024-5471 CVSS:8.8

Zoho ManageEngine DDI Central Node Agent contains hard-coded sensitive keys. A remote attacker could exploit this vulnerability to take over agent node servers.

CVE-2024-27312 CVSS:8.1

Zoho ManageEngine PAM360 could allow a remote authenticated attacker to bypass security restrictions, caused by an authorization vulnerability. An attacker could exploit this vulnerability to perform admin actions.

Impact

  • Data Manipulation
  • Gain Access
  • Security Bypass

Indicators of Compromise

CVE

  • CVE-2024-21775
  • CVE-2023-49333
  • CVE-2023-49332
  • CVE-2023-49334
  • CVE-2023-49331
  • CVE-2023-49335
  • CVE-2024-5471
  • CVE-2024-27312

Affected Vendors

Zoho

Affected Products

  • Zoho ManageEngine ADAudit Plus 7270
  • Zoho ManageEngine Exchange Reporter Plus 5714
  • Zoho ManageEngine DDI Central Node Agent 4001
  • Zoho ManageEngine PAM360 6600

Remediation

Upgrade to the latest version, available from the Zoho ManageEngine Website.
