HTTP: Zoho ManageEngine Multiple Products SQL injection
This signature detects attempts to exploit a known vulnerability against Zoho ManageEngine Multiple Products. A successful attack can lead to command injection and arbitrary code execution.
Extended Description
Multiple SQL injection vulnerabilities in ZOHO ManageEngine OpManager 11.3 and 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the (1) OPM_BVNAME parameter in a Delete operation to the APMBVHandler servlet or (2) query parameter in a compare operation to the DataComparisonServlet servlet.
Affected Products
Zohocorp manageengine_opmanager
Short Name
HTTP:SQL:INJ:ZOHO-ME-MUL-PRDCTS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2014-7868 CVE-2022-27908 CVE-2022-29535 ManageEngine Multiple Products SQL Zoho bid:71002 injection
Release Date
10/18/2021
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3825
False Positive
Unknown
Vendors
Zohocorp