Security Updates - CVE Database
Home » Security Updates ยป CVE-2024-6748

SQL Injection Vulnerability - CVE-2024-6748

Severity: High

CVE ID: CVE-2024-6748

Product name Affected Version(s) Fixed Version(s) Fixed On
OpManager
OpManager Plus
OpManager MSP
RMM		 128317 and below 128318 19-07-2024
128186 24-07-2024
128267 22-07-2024

Details:

OpManager: The SQL injection vulnerability identified in the URL Monitoring has now been fixed.

Impact:

Using this SQL injection, it was possible to execute custom queries and access the database table entries.

Steps to upgrade:

  1. Kindly download the latest upgrade pack from here.
  2. Apply the latest build to your existing product installation as per the upgrade pack instructions provided in the above step.

Source and Acknowledgements

This vulnerability was reported by CrisprXiang, Cokebeer, and LFY.

Kindly contact our product support team for further details, at the below mentioned email address:

 
Related Products
 Pricing  Get Quote
Features
Quick links
Related Products
Sectors
Company
Why OpManager
Training and Support
Connect with us:
     

ManageEngine is a division of Zoho Corp.