# Security Updates - CVE-2022-29535 | ManageEngine OpManager

## CVE-2022-29535

#### SQL injection vulnerability identified in few default reports.

**Severity:** High  

**CVE ID:** [CVE-2022-29535](https://nvd.nist.gov/vuln/detail/CVE-2022-29535)  

**Affected version(s):** Build 125617 and below  

**Fixed version(s):** Build 125589/125604/125629.  

**Fixed on:** April 14, 2022  

**More details:**  
The SQL injection vulnerability issues identified in a few default reports have been fixed now. (Reported by Anh Vu)

**Impact:**  
It was possible to execute custom queries and access the database table entries.

**Steps to upgrade:**  
Upgrade to the latest version of OpManager [125589](https://www.manageengine.com/network-monitoring/service-packs.html) / 125604 / [125629](https://www.manageengine.com/network-monitoring/itom-servicepack.html) by clicking on the respective build number or contact our support team at [opmanager-support@manageengine.com](mailto:opmanager-support@manageengine.com).

**Source and Acknowledgements**

This vulnerability was reported by Anh Vu on April 04, 2022. Find out more about CVE-2022-29535 from the [CVE dictionary](https://nvd.nist.gov/vuln/detail/CVE-2022-29535).

## Need Help?

For clarification or corrections please contact our [support team](https://www.manageengine.com/network-monitoring/support.html) or email us at [itom-upgrades@manageengine.com](mailto:itom-upgrades@manageengine.com).