Vulnerability Details CVE-2024-38872
Zohocorp ManageEngine Exchange Reporter Plus versions 5717 and below are vulnerable to the authenticated SQL injection in the monitoring module.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.037
EPSS Ranking 87.5%
CVSS Severity
CVSS v3 Score 8.3
References
Products affected by CVE-2024-38872
-
cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:-
-
cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.4
-
cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.5
-
cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.6
-
cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7