CVE-2024-5586

Published: Aug 23, 2024
Updated: Aug 28, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2024-5586" target="_blank" rel="noopener"> CVE-2024-5586
Severity: High
Exploit:

Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in extranet lockouts report option.

CVSS v3:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
zohocorp / manageengine_adaudit_plus	8.1-8100	8.1-8100.x
zohocorp / manageengine_adaudit_plus	8.1-8110	8.1-8110.x
zohocorp / manageengine_adaudit_plus	8.1-8120	8.1-8120.x
zohocorp / manageengine_adaudit_plus	-	8.0.x