CVE-2022-27908

SQL injection vulnerability in the Inventory Reports module.

Severity: High

CVE ID: CVE-2022-27908

Affected version(s): Build 125597 and below

Fixed version(s): Build 125588/125603.

Fixed on: April 07, 2022

More details:
An SQL injection vulnerability was detected in the Inventory Reports module. It has been fixed now.

Impact:
It was possible to execute custom queries and access the database table entries.

Steps to upgrade:
Upgrade to the latest version of OpManager 125588 / 125603 by clicking on the respective build number or contact our support team at opmanager-support@manageengine.com.

Source and Acknowledgements

This vulnerability was reported by Anh Vu on March 22, 2022. Find out more about CVE-2022-27908 from the CVE dictionary.

Need Help?

For clarification or corrections please contact our support team or email us at itom-upgrades@manageengine.com.

Video Zone
OpManager Customer Videos
Michael Senatore, Operations Manager, Rojan Australia Pty Ltd.
  
  •  Venkatesan Veerappan, IT Consultant
     Mohd Jaffer Tawfiq Murtaja, Information Security officer from Al Ain sports club
  •  Jonathan ManageEngine Customer
     IT Admin from "Royal flying doctor service", Australia
  •  Michael Senatore, Operations Manager, Rojan Australia Pty Ltd.
     Michael - Network & Tech, ManageEngine Customer
  •  Altaleb Alshenqiti - Ministry of National Guard - Health Affairs
     Donald Stewart, IT Manager from Crest Industries
  •  John Rosser, MIS Manager - Yale Chase Equipment & Services
     David Tremont, Associate Directory of Infrastructure,USA
+-
Do you want a Price Quote?
For how many devices?
Fill out the form below
Name *
Business Email *
Phone *
By clicking 'Send', you agree to processing of personal data according to the Privacy Policy.
Thank you!
Back to Top