Sedara Security Bulletin: Zoho ManageEngine Security Flaw
Summary:
Zoho ManageEngine has released an advisory for a high-severity security flaw that affects multiple credential management products in the ManageEngine family.
The flaw is tracked as CVE-2022-47523.
It is a SQL injection vulnerability that gives an authenticated attacker access to the backend database of the affected products. Exploiting it allows the attacker to run custom queries against any entries in that database. The vulnerability cannot be exploited by unauthenticated users.
Mitigations:
- If your organization uses PAM360, Password Manager Pro, or Access Manager Plus, we strongly recommend you upgrade to the latest build immediately. The following versions are vulnerable:
  - Password Manager Pro version 12200 and below
  - PAM360 version 5800 and below
  - Access Manager Plus version 4308 and below
- Enforce strong password policies and MFA wherever possible, since this flaw requires valid credentials; this makes it harder for an attacker to obtain the authenticated access needed to exploit it.
More Reading on this vulnerability:
- https://www.bleepingcomputer.com/news/security/zoho-urges-admins-to-patch-severe-manageengine-bug-immediately/
- https://nvd.nist.gov/vuln/detail/CVE-2022-47523
- https://www.manageengine.com/privileged-session-management/advisory/cve-2022-47523.html
Want Help With a Security Incident?
Sedara can help your organization assess and address vulnerabilities and provide insight that prevents future incidents.
Get Future Compromise Alerts – Join Sedara Declassified
Subscribe to Sedara Declassified to get timely updates on new and evolving threats – and what to do about them – just like our clients do. And of course, if we can help you with anything directly, feel free to reach out.