Direct Inward Dialing: +1 408 916 9892
Vulnerability details | |
Severity | High |
CVE ID | CVE-2024-36518 |
Affected software versions | All ADAudit Plus builds below 8110 |
Fixed version | Build 8110 |
Fixed on | June 14, 2024 |
An authenticated SQL injection vulnerability in ADAudit Plus Attack Surface Analyzer's dashboard for Cloud Directory has been fixed.
This vulnerability could allow an authenticated adversary to execute custom queries and access the database table entries using the vulnerable request.
Update your ADAudit Plus instance to the latest build — 8110 — using the service pack.
This issue was reported by Nhien Pham (@nhienit) at Galaxy One.
Please contact support@adauditplus.com for more details.