CVE-2024-36034

Published: Aug 12, 2024
Updated: Aug 17, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2024-36034" target="_blank" rel="noopener"> CVE-2024-36034
Severity: High
Exploit:

Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in aggregate reports' search option.

CVSS v3:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
zohocorp / manageengine_adaudit_plus	8.0-8000	8.0-8000.x
zohocorp / manageengine_adaudit_plus	8.0-8001	8.0-8001.x
zohocorp / manageengine_adaudit_plus	8.0-8002	8.0-8002.x
zohocorp / manageengine_adaudit_plus	-	8.0