Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:SQL:INJ:CVE-2018-17283-CE

Severity

 Major

Recommended

 Yes

Recommended Action

 Drop

Category

 HTTP

Keywords

 Zoho ManageEngine OpManager setManaged SQL Injection

Release Date

 2018/11/05

Update Number

 3115

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Zoho ManageEngine OpManager setManaged SQL Injection


This signature detects attempts to exploit a known vulnerability against Zoho ManageEngine OpManager. A successful attack can lead to arbitrary SQL code execution.

Extended Description

Zoho ManageEngine OpManager before 12.3 Build 123196 does not require authentication for /oputilsServlet requests, as demonstrated by a /oputilsServlet?action=getAPIKey request that can be leveraged against Firewall Analyzer to add an admin user via /api/json/v2/admin/addUser or conduct a SQL Injection attack via the /api/json/device/setManaged name parameter.

Affected Products

  • Zohocorp manageengine_opmanager -
  • Zohocorp manageengine_opmanager 11.4
  • Zohocorp manageengine_opmanager 11.5
  • Zohocorp manageengine_opmanager 12.2

References

  • CVE: CVE-2018-17283
  • URL: https://www.manageengine.com/network-monitoring/help/read-me.html
  • URL: https://github.com/x-f1v3/forcve/issues/4

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out