cbcvebase.
CVE-2023-49334
published 2024-05-20

CVE-2023-49334: Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary report.

PriorityP358high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
3.00%
85.7th percentile
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary report.

Affected

28 ranges· showing 25
VendorProductVersion rangeFixed in
manageengineadaudit_plus< 72717271
microsoftmicrosoft.aspnetcore.app.runtime.linux-arm>= 0 < 6.0.206.0.20
microsoftmicrosoft.aspnetcore.app.runtime.linux-arm>= 7.0.0 < 7.0.97.0.9
microsoftmicrosoft.aspnetcore.app.runtime.linux-arm64>= 0 < 6.0.206.0.20
microsoftmicrosoft.aspnetcore.app.runtime.linux-arm64>= 7.0.0 < 7.0.97.0.9
microsoftmicrosoft.aspnetcore.app.runtime.linux-musl-arm>= 0 < 6.0.206.0.20
microsoftmicrosoft.aspnetcore.app.runtime.linux-musl-arm>= 7.0.0 < 7.0.97.0.9
microsoftmicrosoft.aspnetcore.app.runtime.linux-musl-arm64>= 0 < 6.0.206.0.20
microsoftmicrosoft.aspnetcore.app.runtime.linux-musl-arm64>= 7.0.0 < 7.0.97.0.9
microsoftmicrosoft.aspnetcore.app.runtime.linux-musl-x64>= 0 < 6.0.206.0.20
microsoftmicrosoft.aspnetcore.app.runtime.linux-musl-x64>= 7.0.0 < 7.0.97.0.9
microsoftmicrosoft.aspnetcore.app.runtime.linux-x64>= 0 < 6.0.206.0.20
microsoftmicrosoft.aspnetcore.app.runtime.linux-x64>= 7.0.0 < 7.0.97.0.9
microsoftmicrosoft.aspnetcore.app.runtime.osx-arm64>= 0 < 6.0.206.0.20
microsoftmicrosoft.aspnetcore.app.runtime.osx-arm64>= 7.0.0 < 7.0.97.0.9
microsoftmicrosoft.aspnetcore.app.runtime.osx-x64>= 0 < 6.0.206.0.20
microsoftmicrosoft.aspnetcore.app.runtime.osx-x64>= 7.0.0 < 7.0.97.0.9
microsoftmicrosoft.aspnetcore.app.runtime.win-arm>= 0 < 6.0.206.0.20
microsoftmicrosoft.aspnetcore.app.runtime.win-arm>= 7.0.0 < 7.0.97.0.9
microsoftmicrosoft.aspnetcore.app.runtime.win-arm64>= 0 < 6.0.206.0.20
microsoftmicrosoft.aspnetcore.app.runtime.win-arm64>= 7.0.0 < 7.0.97.0.9
microsoftmicrosoft.aspnetcore.app.runtime.win-x64>= 0 < 6.0.206.0.20
microsoftmicrosoft.aspnetcore.app.runtime.win-x64>= 7.0.0 < 7.0.97.0.9
microsoftmicrosoft.aspnetcore.app.runtime.win-x86>= 0 < 6.0.206.0.20
microsoftmicrosoft.aspnetcore.app.runtime.win-x86>= 7.0.0 < 7.0.97.0.9

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
ghsa8.1HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.