CVE-2022-27908

SQL injection vulnerability in the Inventory Reports module.

Severity: High

CVE ID: CVE-2022-27908

Affected version(s): Build 125597 and below

Fixed version(s): Build 125588/125603.

Fixed on: April 07, 2022

More details:
An SQL injection vulnerability was detected in the Inventory Reports module. It has been fixed now.

Impact:
It was possible to execute custom queries and access the database table entries.

Steps to upgrade:
Upgrade to the latest version of OpManager 125588 / 125603 by clicking on the respective build number or contact our support team at opmanager-support@manageengine.com.

Source and Acknowledgements

This vulnerability was reported by Anh Vu on March 22, 2022. Find out more about CVE-2022-27908 from the CVE dictionary.

Need Help?

For clarification or corrections please contact our support team or email us at itom-upgrades@manageengine.com.

Video Zone
OpManager Customer Videos
Altaleb Alshenqiti - Ministry of National Guard - Health Affairs
  
  •  IT Admin from "Royal flying doctor service", Australia
     Jonathan ManageEngine Customer
  •  Michael - Network & Tech, ManageEngine Customer
     Altaleb Alshenqiti - Ministry of National Guard - Health Affairs
  •  David Tremont, Associate Directory of Infrastructure,USA
     Todd Haverstock Administrative Director
  •  Donald Stewart, IT Manager from Crest Industries
     John Rosser, MIS Manager - Yale Chase Equipment & Services
 Pricing  Get Quote