Zoho ManageEngine OpManager Authenticated DB RCE
CVE-2022-37024 Published on August 10, 2022

Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution.

NVD

Products Associated with CVE-2022-37024

Want to know whenever a new CVE is published for Zoho Corp products? stack.watch will email you.

Zoho Corp Manageengine Opmanager

Zoho Corp Manageengine Network Configuration Manager

Zoho Corp Manageengine Firewall Analyzer

Zoho Corp Manageengine Netflow Analyzer

Zoho Corp Manageengine Oputils

Zoho Corp Manageengine Opmanager Msp

Zoho Corp Manageengine Opmanager Plus

Exploit Probability

EPSS

51.23%

Percentile

97.82%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Zoho ManageEngine OpManager Authenticated DB RCECVE-2022-37024 Published on August 10, 2022

Products Associated with CVE-2022-37024

Exploit Probability

Zoho ManageEngine OpManager Authenticated DB RCE
CVE-2022-37024 Published on August 10, 2022