Intrusion PreventionManageEngine.UserGroupListTableController.SQL.Injection
Description
This indicates an attack attempt to exploit an SQL Injection Vulnerability in Zoho Corporation ManageEngine Password Manager Pro.
The vulnerability is due to improper validation of actionType parameter in the UserGroupListTableController class. A remote attacker can exploit the vulnerability by sending a crafted request to the target server. Successful exploitation could lead to arbitrary SQL code execution in the security context of database service, which runs as SYSTEM.
Affected Products
Zoho Corporation ManageEngine Access Manager Plus before 4306
Zoho Corporation ManageEngine PAM360 before 5711
Zoho Corporation ManageEngine Password Manager Pro before 12122
Impact
System Compromise: Remote attackers can add, view, delete or modify data in the database of the affected application
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.manageengine.com/products/passwordmanagerpro/advisory/cve-2022-43672.html
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2023-08-09 | 25.618 | Name:Zoho. ManageEngine. UserGroupListTableController. SQL. Injection:ManageEngine. UserGroupListTableController. SQL. Injection |
| 2023-02-22 | 22.500 | Default_action:pass:drop |
| 2023-02-07 | 22.491 |
| ID | 52601 |
| Created | Jan 31, 2023 |
| Updated | Aug 08, 2023 |
| Risk |
|
| CVE ID | CVE-2022-43672 |
| Exploit Prediction Score | 2.81% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Other |