Check Point Advisories

Zoho Corp ManageEngine SQL Injection (CVE-2022-43672)

Check Point Reference: CPAI-2022-1499
Date Published: 7 May 2023
Severity: Critical
Last Updated: Sunday 07 May, 2023
Source:
Industry Reference:CVE-2022-43672
Protection Provided by:

Security Gateway
R81, R80, R77, R75

Who is Vulnerable? Zoho Corp ManageEngine Access Manager Plus prior to 4.3
Zoho Corp ManageEngine Access Manager Plus 4.3 Build4300
Zoho Corp ManageEngine Access Manager Plus 4.3 Build4301
Zoho Corporation ManageEngine Access Manager Plus 4.3 Build4302
Zoho Corporation ManageEngine Access Manager Plus 4.3 Build4303
Zoho Corporation ManageEngine Access Manager Plus 4.3 Build4304
Zoho Corporation Manageengine Access Manager Plus 4.3 Build4305
Zoho Corp ManageEngine PAM360 prior to 5.7
Zoho Corporation Manageengine Pam360 5.7 Build5700
Zoho Corporation Manageengine Pam360 5.7 Build5710
Zoho Corp Manageengine Password Manager Pro prior to 12.1
ZohoCorp ManageEngine Password Manager Pro 12.1 Build 12100
ZohoCorp ManageEngine Password Manager Pro 12.1 Build 12101
Zoho Corporation ManageEngine Password Manager Pro 12.1 Build12110
Zoho Corporation ManageEngine Password Manager Pro 12.1 Build12120
ZohoCorp ManageEngine Password Manager Pro 12.1 Build12121
Vulnerability Description An SQL injection vulnerability exists in Zoho Corp ManageEngine. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.

Protection Overview

This protection detects attempts to exploit this vulnerability.

In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.

Security Gateway R81 / R80 / R77 / R75

  1. In the IPS tab, click Protections and find the Zoho Corp ManageEngine SQL Injection (CVE-2022-43672) protection using the Search tool and Edit the protection's settings.
  2. Install policy on all Security Gateways.

This protection's log will contain the following information:

Attack Name:  Web Server Enforcement Violation.
Attack Information:  Zoho Corp ManageEngine SQL Injection (CVE-2022-43672)

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK