ManageEngine Access Manager Plus < 4.3 Build 4309 SQLi

critical Nessus 插件 ID 169572

版本 1.4

Jan 13, 2023, 1:59 PM

  • IAVM reference
  • STIG Severity (set to "I")

Plugin Feed: 202301131359

版本 1.3

Jan 12, 2023, 6:19 PM

  • CVSS metrics ("CVSSv2 score" changed from "7.5" to "10.0")
  • CVSS metrics ("CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C")
  • Exploit attributes ("Exploit available" set to "False")

Plugin Feed: 202301121819

版本 1.2

Jan 6, 2023, 9:54 PM

  • Reference

Plugin Feed: 202301062154

版本 1.1

Jan 6, 2023, 4:14 PM

  • CVSS metrics ("CVSSv2 score" changed from "10.0" to "7.5")
  • CVSS metrics ("CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C" to "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P")
  • CVSS temporal metrics ("CVSSv2 temporal score" set to "5.5")
  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C")
  • CVSS temporal metrics ("CVSSv3 temporal score" set to "8.5")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C")
  • Exploit attributes ("Exploitability ease" set to "No known exploits are available")
  • Severity (changed from "Critical" to "High")

Plugin Feed: 202301061614

* Changelogs are generally available for changes made after Nov 1, 2022