Zohocorp ManageEngine ADAudit Plus Vulnerable To SQL Injection Attacks


Zohocorp’s ManageEngine has disclosed a critical vulnerability in its ADAudit Plus software.

It’s a popular tool used for Active Directory auditing and reporting. The vulnerability, identified as CVE-2024-49574, exposes versions of ADAudit Plus prior to build 8123 to potential SQL injection attacks.


The security flaw, classified as high severity, specifically affects the reports module of ADAudit Plus.

This SQL injection vulnerability could allow an authenticated attacker to execute custom queries and gain unauthorized access to database table entries.

Experts at ManageEngine observed that the potential for data breaches and system compromise makes this a serious concern for organizations relying on ADAudit Plus for their Active Directory management.


Zohocorp ManageEngine ADAudit Plus Vulnerability

The implications of this vulnerability are far-reaching. Authenticated adversaries could potentially exploit this flaw to:

  1. Execute arbitrary SQL commands
  2. Access sensitive information stored in the database
  3. Manipulate or delete critical data
  4. Potentially escalate privileges within the system

Such capabilities in the hands of malicious actors pose significant risks to an organization’s data integrity and overall security posture.

ManageEngine has acted swiftly to address this vulnerability. A fix has been developed and is now available in ADAudit Plus build 8123, released on November 8, 2024. IT administrators and security professionals are strongly urged to update their ADAudit Plus installations to this latest version immediately.

To mitigate the risk, ManageEngine recommends the following steps:

  1. Back up the existing ADAudit Plus installation to prevent data loss
  2. Download the service pack for build 8123
  3. Follow the upgrade instructions provided in the ManageEngine documentation

For users running very old versions of ADAudit Plus, a staged upgrade process may be necessary. ManageEngine has provided detailed instructions for various version ranges to ensure a smooth transition to the latest, secure build.

SQL injection vulnerabilities continue to be a significant threat vector, highlighting the need for ongoing vigilance in software development and maintenance.

Organizations using ManageEngine ADAudit Plus are advised to treat this update as a priority. The potential risks associated with CVE-2024-49574 underscore the importance of maintaining up-to-date software and regularly assessing system vulnerabilities. As cyber threats continue to evolve, staying current with security patches remains a crucial aspect of maintaining a strong cybersecurity posture.
