|CVSS V3 rating: 9.8 CRITICAL
|1 July 2020
Between 14689 and 14740
|Build 14740 and above
|Unauthenticated Remote Code Execution via SQL injection in REST API module.
|Upgrade Applications Manager to version 14740 or above.
In ManageEngine Application Manager 14.7 Build 14730, an unauthenticated SQL injection leading to RCE is possible in REST API module.
We recommend you to upgrade Applications Manager to version 14740 or above to fix this issue.
Source and Acknowledgements
It allows us to track crucial metrics such as response times, resource utilization, error rates, and transaction performance. The real-time monitoring alerts promptly notify us of any issues or anomalies, enabling us to take immediate action.
Reviewer Role: Research and Development