Short Name |
HTTP:CVE-2018-20338-SQ-INJ |
---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Zoho ManageEngine OpManager Alarms Section SQL Injection |
Release Date |
2019/02/25 |
Update Number |
3145 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against ManageEngine OpManager. Successful exploitation could lead to arbitrary SQL code execution in the security context of database service.
Zoho ManageEngine OpManager 12.3 before build 123239 allows SQL injection in the Alarms section.