7.5
CVSSv2

CVE-2019-17602

Published: 15/10/2019 Updated: 17/10/2019
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

An issue exists in Zoho ManageEngine OpManager prior to 12.4 build 124089. The OPMDeviceDetailsServlet servlet is prone to SQL injection. Depending on the configuration, this vulnerability could be exploited unauthenticated or authenticated.

Vulnerability Trend

Affected Products

Vendor Product Versions
ZohocorpManageengine Opmanager-, 11.4, 11.5, 12.2, 12.3, 12.4