

Bitter APT – Active IOCs
July 22, 2024
Multiple Apache Products Vulnerabilities
July 22, 2024
Severity
High
Analysis Summary
CVE-2024-21775 CVSS:8.3
Zoho ManageEngine Exchange Reporter Plus is vulnerable to SQL injection. A remote authenticated attacker could send specially crafted SQL statements to the report exporting feature, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVE-2023-49333 CVSS:8.3
Zoho ManageEngine ADAudit Plus is vulnerable to SQL injection. A remote authenticated attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVE-2023-49332 CVSS:8.3
Zoho ManageEngine ADAudit Plus is vulnerable to SQL injection. A remote authenticated attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVE-2023-49334 CVSS:8.3
Zoho ManageEngine ADAudit Plus is vulnerable to SQL injection. A remote authenticated attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVE-2023-49331 CVSS:8.3
Zoho ManageEngine ADAudit Plus is vulnerable to SQL injection. A remote authenticated attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVE-2023-49335 CVSS:8.3
Zoho ManageEngine ADAudit Plus is vulnerable to SQL injection. A remote authenticated attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVE-2024-5471 CVSS:8.8
Zoho ManageEngine DDI Central Node Agent contains hard-coded sensitive keys. A remote attacker could exploit this vulnerability to take over agent node servers.
CVE-2024-27312 CVSS:8.1
Zoho ManageEngine PAM360 could allow a remote authenticated attacker to bypass security restrictions, caused by an authorization vulnerability. An attacker could exploit this vulnerability to perform admin actions.
Impact
- Data Manipulation
- Gain Access
- Security Bypass
Indicators of Compromise
CVE
- CVE-2024-21775
- CVE-2023-49333
- CVE-2023-49332
- CVE-2023-49334
- CVE-2023-49331
- CVE-2023-49335
- CVE-2024-5471
- CVE-2024-27312
Affected Vendors
Affected Products
- Zoho ManageEngine ADAudit Plus 7270
- Zoho ManageEngine Exchange Reporter Plus 5714
- Zoho ManageEngine DDI Central Node Agent 4001
- Zoho ManageEngine PAM360 6600
Remediation
Upgrade to the latest version, available from the Zoho ManageEngine Website.