Sedara Security Bulletin: Zoho ManageEngine Security Flaw

Summary:

Zoho ManageEngine has released an advisory of a high-severity security flaw that affects multiple credential management products in the ManageEngine family.

The bug has been published under CVE-2022-47523.

This vulnerability grants access to the backend database of these products to an authenticated attacker. It is a SQL injection vulnerability. Exploiting it allows the attacker to run custom queries against any entries in the backend database. This vulnerability cannot be exploited by unauthenticated users.

Mitigations:

• If your organization uses PAM360, Password Manager Pro, or Access Manager Plus, we strongly recommend you upgrade to the latest build immediately. The following versions are vulnerable:
  • Password Manager Pro version 12200 and below
  • PAM360 version 5800 and below
  • Access Manager Plus version 4308 and below
• Enforce strong password policies and MFA whenever possible to prevent credentials from being exploited by attackers.

More Reading on this vulnerability:

• https://www.bleepingcomputer.com/news/security/zoho-urges-admins-to-patch-severe-manageengine-bug-immediately/
• https://nvd.nist.gov/vuln/detail/CVE-2022-47523
• https://www.manageengine.com/privileged-session-management/advisory/cve-2022-47523.html

Want Help With a Security Incident?

Sedara can help your organization assess and address vulnerabilities and provide insight that prevents future incidents.

Get Future Compromise Alerts – Join Sedara Declassified

Subscribe to Sedara Declassified to get timely updates on new and evolving threats – and what to do about them – just like our clients do. And of course, if we can help you with anything directly, feel free to reach out.