CVE-2022-29535

SQL injection vulnerability identified in few default reports.

Severity: High

CVE ID: CVE-2022-29535

Affected version(s): Build 125617 and below

Fixed version(s): Build 125589/125604/125629.

Fixed on: April 14, 2022

More details:
The SQL injection vulnerability issues identified in a few default reports have been fixed now.(Reported by Anh Vu)

Impact:
It was possible to execute custom queries and access the database table entries.

Steps to upgrade:
Upgrade to the latest version of OpManager 125589 / 125604 / 125629 by clicking on the respective build number or contact our support team at opmanager-support@manageengine.com.

Source and Acknowledgements

This vulnerability was reported by Anh Vu on April 04, 2022. Find out more about CVE-2022-29535 from the CVE dictionary.

Need Help?

For clarification or corrections please contact our support team or email us at itom-upgrades@manageengine.com.

 
 Pricing  Get Quote
Training and Support
Connect with us:
     

ManageEngine is a division of Zoho Corp.