Severity: High
CVE ID: CVE-2022-27908
Affected version(s): Build 125597 and below
Fixed version(s): Build 125588/125603.
Fixed on: April 07, 2022
More details:
An SQL injection vulnerability was detected in the Inventory Reports module. It has been fixed now.
Impact:
It was possible to execute custom queries and access the database table entries.
Steps to upgrade:
Upgrade to the latest version of OpManager 125588 / 125603 by clicking on the respective build number or contact our support team at opmanager-support@manageengine.com.
Source and Acknowledgements
This vulnerability was reported by Anh Vu on March 22, 2022. Find out more about CVE-2022-27908 from the CVE dictionary.
For clarification or corrections please contact our support team or email us at itom-upgrades@manageengine.com.