An issue was discovered in ZOHO ManageEngine OpManager 12.2. The 'apiKey' parameter of "/api/json/admin/getmailserversettings" and "/api/json/dashboard/gotoverviewlist" is vulnerable to a Blind SQL Injection attack.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-05-23T17:09:19
Updated: 2024-08-05T18:12:40.323Z
Reserved: 2017-07-22T00:00:00
Link: CVE-2017-11559
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-05-23T18:29:00.560
Modified: 2019-05-24T16:26:31.493
Link: CVE-2017-11559
Redhat
No data.