Intrusion PreventionManageEngine.Password.Manager.Pro.CVE-2022-40300.SQL.Injection
Description
This indicates an attack attempt to exploit an SQL Injection Vulnerability in Zoho Corporation ManageEngine Password Manager Pro.
The vulnerability is due to improper validation of login username in QueryReportController class. A remote attacker can exploit the vulnerability by sending a crafted request to the target server. Successful exploitation could lead to arbitrary SQL code execution in the security context of database service, which is running with SYSTEM privileges.
Affected Products
Zoho Corporation ManageEngine Access Manager Plus before 4305
Zoho Corporation ManageEngine PAM360 before 5600
Zoho Corporation ManageEngine Password Manager Pro before 12121
Impact
System Compromise: Remote attackers can add, view, delete or modify data in the database of the affected application
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.manageengine.com/products/passwordmanagerpro/advisory/cve-2022-40300.html
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2023-08-07 | 25.615 | Name:Zoho. ME. Password. Manager. QueryReportController. SQL. Injection:ManageEngine. Password. Manager. Pro. CVE-2022-40300. SQL. Injection |
| 2023-01-18 | 22.478 | Sig Added |
| 2022-12-05 | 22.451 | Default_action:pass:drop |
| 2022-11-15 | 22.440 |
| ID | 52290 |
| Created | Nov 07, 2022 |
| Updated | Aug 03, 2023 |
| Risk |
|
| CVE ID | CVE-2022-40300 |
| Exploit Prediction Score | 33.36% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Other |