CVE-2022-37024: Security Updates - CVE-2022-37024 | ManageEngine OpManager

Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 (125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution.

Remote Code Execution - CVE-2022-37024

Severity: High

CVE ID: CVE-2022-37024

Product name: OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, OpUtils

Affected Version(s), Fixed Version(s) and Fixed On:

  • Customers with builds between 126113 and 126119: fixed version 126120, fixed on 29-07-2022
  • Customers with builds between 126100 and 126104: fixed version 126105, fixed on 30-07-2022
  • Customers with builds 126000 and 126002, and customers with build 125664: fixed version 126003
  • Customers with builds between 125450 and 125657: fixed version 125658

Details:

A Remote Code Execution (RCE) vulnerability was reported by Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative. This has been fixed now.

Impact:

Any authenticated user can make changes to the database and use them to perform RCE.

Steps to upgrade:

  1. Kindly download the latest upgrade pack from the following links for the respective products:
    • OpManager: https://www.manageengine.com/network-monitoring/service-packs.html
    • OpManager Plus: https://www.manageengine.com/it-operations-management/service-packs.html
    • OpManager MSP: https://www.manageengine.com/network-monitoring-msp/service-packs.html
    • Network Configuration Manager: https://www.manageengine.com/network-configuration-manager/upgradepack.html
    • NetFlow Analyzer: https://www.manageengine.com/products/netflow/service-packs.html
  2. Apply the latest build to your existing product installation as per the upgrade pack instructions provided in the above links.

Source and Acknowledgements

This vulnerability was reported by Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative. Find out more about CVE-2022-37024 from the CVE dictionary.

Kindly contact the respective product support teams for further details at the below mentioned email addresses:
