CVE-2022-37024

Published: Aug 10, 2022Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution.

Affected (108)

Products: Zohocorp: Manageengine Firewall Analyzer, Manageengine Netflow Analyzer, Manageengine Network Configuration Manager, Manageengine Opmanager, Manageengine Opmanager Msp, Manageengine Opmanager Plus, Manageengine Oputils

Zohocorp

7 products

Manageengine Firewall Analyzer

Manageengine Netflow Analyzer

Manageengine Network Configuration Manager

Manageengine Opmanager

Manageengine Opmanager Msp

Manageengine Opmanager Plus

Manageengine Oputils

Configuration A

108 vulnerable

Vulnerable Software	Affected Versions
Zohocorp Manageengine Firewall Analyzer	Version 12.5 build125450
Zohocorp Manageengine Firewall Analyzer	Version 12.5 build125451
Zohocorp Manageengine Firewall Analyzer	Version 12.5 build125452
Zohocorp Manageengine Firewall Analyzer	Version 12.5 build125453
Zohocorp Manageengine Firewall Analyzer	Version 12.5 build125455
Zohocorp Manageengine Firewall Analyzer	Version 12.5 build125456
Zohocorp Manageengine Firewall Analyzer	Version 12.5 build125664
Zohocorp Manageengine Firewall Analyzer	Version 12.6 build126000
Zohocorp Manageengine Firewall Analyzer	Version 12.6 build126001
Zohocorp Manageengine Firewall Analyzer	Version 12.6 build126100
Zohocorp Manageengine Firewall Analyzer	Version 12.6 build126101
Zohocorp Manageengine Firewall Analyzer	Version 12.6 build126102
Zohocorp Manageengine Firewall Analyzer	Version 12.6 build126103
Zohocorp Manageengine Firewall Analyzer	Version 12.6 build126113
Zohocorp Manageengine Firewall Analyzer	Version 12.6 build126114
Zohocorp Manageengine Firewall Analyzer	Version 12.6 build126115
Zohocorp Manageengine Firewall Analyzer	Version 12.6 build126116
Zohocorp Manageengine Firewall Analyzer	Version 12.6 build126117
Zohocorp Manageengine Netflow Analyzer	Version 12.5 build125450
Zohocorp Manageengine Netflow Analyzer	Version 12.5 build125451
Zohocorp Manageengine Netflow Analyzer	Version 12.5 build125452
Zohocorp Manageengine Netflow Analyzer	Version 12.5 build125453
Zohocorp Manageengine Netflow Analyzer	Version 12.5 build125455
Zohocorp Manageengine Netflow Analyzer	Version 12.5 build125456
Zohocorp Manageengine Netflow Analyzer	Version 12.5 build125664
Zohocorp Manageengine Netflow Analyzer	Version 12.6 build126000
Zohocorp Manageengine Netflow Analyzer	Version 12.6 build126001
Zohocorp Manageengine Netflow Analyzer	Version 12.6 build126100
Zohocorp Manageengine Netflow Analyzer	Version 12.6 build126101
Zohocorp Manageengine Netflow Analyzer	Version 12.6 build126102
Zohocorp Manageengine Netflow Analyzer	Version 12.6 build126103
Zohocorp Manageengine Netflow Analyzer	Version 12.6 build126113
Zohocorp Manageengine Netflow Analyzer	Version 12.6 build126114
Zohocorp Manageengine Netflow Analyzer	Version 12.6 build126115
Zohocorp Manageengine Netflow Analyzer	Version 12.6 build126116
Zohocorp Manageengine Netflow Analyzer	Version 12.6 build126117
Zohocorp Manageengine Network Configuration Manager	Version 12.5 build125450
Zohocorp Manageengine Network Configuration Manager	Version 12.5 build125451
Zohocorp Manageengine Network Configuration Manager	Version 12.5 build125452
Zohocorp Manageengine Network Configuration Manager	Version 12.5 build125453
Zohocorp Manageengine Network Configuration Manager	Version 12.5 build125455
Zohocorp Manageengine Network Configuration Manager	Version 12.5 build125456
Zohocorp Manageengine Network Configuration Manager	Version 12.5 build125664
Zohocorp Manageengine Network Configuration Manager	Version 12.6 build126000
Zohocorp Manageengine Network Configuration Manager	Version 12.6 build126001
Zohocorp Manageengine Network Configuration Manager	Version 12.6 build126100
Zohocorp Manageengine Network Configuration Manager	Version 12.6 build126101
Zohocorp Manageengine Network Configuration Manager	Version 12.6 build126102
Zohocorp Manageengine Network Configuration Manager	Version 12.6 build126103
Zohocorp Manageengine Network Configuration Manager	Version 12.6 build126113
Zohocorp Manageengine Network Configuration Manager	Version 12.6 build126114
Zohocorp Manageengine Network Configuration Manager	Version 12.6 build126115
Zohocorp Manageengine Network Configuration Manager	Version 12.6 build126116
Zohocorp Manageengine Network Configuration Manager	Version 12.6 build126117
Zohocorp Manageengine Opmanager	Version 12.5 build125450
Zohocorp Manageengine Opmanager	Version 12.5 build125451
Zohocorp Manageengine Opmanager	Version 12.5 build125452
Zohocorp Manageengine Opmanager	Version 12.5 build125453
Zohocorp Manageengine Opmanager	Version 12.5 build125455
Zohocorp Manageengine Opmanager	Version 12.5 build125456
Zohocorp Manageengine Opmanager	Version 12.5 build125664
Zohocorp Manageengine Opmanager	Version 12.6 build126000
Zohocorp Manageengine Opmanager	Version 12.6 build126001
Zohocorp Manageengine Opmanager	Version 12.6 build126100
Zohocorp Manageengine Opmanager	Version 12.6 build126101
Zohocorp Manageengine Opmanager	Version 12.6 build126102
Zohocorp Manageengine Opmanager	Version 12.6 build126103
Zohocorp Manageengine Opmanager	Version 12.6 build126113
Zohocorp Manageengine Opmanager	Version 12.6 build126114
Zohocorp Manageengine Opmanager	Version 12.6 build126115
Zohocorp Manageengine Opmanager	Version 12.6 build126116
Zohocorp Manageengine Opmanager	Version 12.6 build126117
Zohocorp Manageengine Opmanager Msp	Version 12.5 build125450
Zohocorp Manageengine Opmanager Msp	Version 12.5 build125656
Zohocorp Manageengine Opmanager Msp	Version 12.5 build125664
Zohocorp Manageengine Opmanager Msp	Version 12.6 build126000
Zohocorp Manageengine Opmanager Msp	Version 12.6 build126001
Zohocorp Manageengine Opmanager Msp	Version 12.6 build126100
Zohocorp Manageengine Opmanager Msp	Version 12.6 build126103
Zohocorp Manageengine Opmanager Msp	Version 12.6 build126113
Zohocorp Manageengine Opmanager Msp	Version 12.6 build126117
Zohocorp Manageengine Opmanager Plus	Version 12.5 build125450
Zohocorp Manageengine Opmanager Plus	Version 12.5 build125656
Zohocorp Manageengine Opmanager Plus	Version 12.5 build125664
Zohocorp Manageengine Opmanager Plus	Version 12.6 build126000
Zohocorp Manageengine Opmanager Plus	Version 12.6 build126001
Zohocorp Manageengine Opmanager Plus	Version 12.6 build126100
Zohocorp Manageengine Opmanager Plus	Version 12.6 build126103
Zohocorp Manageengine Opmanager Plus	Version 12.6 build126113
Zohocorp Manageengine Opmanager Plus	Version 12.6 build126117
Zohocorp Manageengine Oputils	Version 12.5 build125450
Zohocorp Manageengine Oputils	Version 12.5 build125451
Zohocorp Manageengine Oputils	Version 12.5 build125452
Zohocorp Manageengine Oputils	Version 12.5 build125453
Zohocorp Manageengine Oputils	Version 12.5 build125455
Zohocorp Manageengine Oputils	Version 12.5 build125456
Zohocorp Manageengine Oputils	Version 12.5 build125664
Zohocorp Manageengine Oputils	Version 12.6 build126000
Zohocorp Manageengine Oputils	Version 12.6 build126001
Zohocorp Manageengine Oputils	Version 12.6 build126100
Zohocorp Manageengine Oputils	Version 12.6 build126101
Zohocorp Manageengine Oputils	Version 12.6 build126102
Zohocorp Manageengine Oputils	Version 12.6 build126103
Zohocorp Manageengine Oputils	Version 12.6 build126113
Zohocorp Manageengine Oputils	Version 12.6 build126114
Zohocorp Manageengine Oputils	Version 12.6 build126115
Zohocorp Manageengine Oputils	Version 12.6 build126116
Zohocorp Manageengine Oputils	Version 12.6 build126117

References (2)

https://www.manageengine.com/itom/advisory/cve-2022-37024.html

Source: cve@mitre.org

Vendor Advisory

https://www.manageengine.com/itom/advisory/cve-2022-37024.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.