CVE-2022-43672

Description

Zoho ManageEngine Password Manager Pro before 12122, PAM360 before 5711, and Access Manager Plus before 4306 allow SQL Injection (in a different software component relative to CVE-2022-43671.

Related CPE's

azohocorpmanageengine_access_manager_plus4.3build4300******

azohocorpmanageengine_access_manager_plus4.3build4301******

azohocorpmanageengine_access_manager_plus********

azohocorpmanageengine_access_manager_plus4.3build4302******

azohocorpmanageengine_password_manager_pro********

azohocorpmanageengine_password_manager_pro12.1build12100******

azohocorpmanageengine_access_manager_plus4.3build4303******

azohocorpmanageengine_access_manager_plus4.3build4304******

azohocorpmanageengine_password_manager_pro12.1build12110******

azohocorpmanageengine_access_manager_plus4.3build4305******

References

https://www.manageengine.com/products/passwordmanagerpro/advisory/cve-2022-43672.html

Vendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io