ManageEngine PAM360 < 5.8 Build 5801 SQLi

critical Nessus Plugin ID 169605

Version 1.5

Oct 23, 2024, 3:47 PM

  • Plugin metadata (update thorough_tests attribute)

Plugin Feed: 202410231547

Version 1.4

Jan 13, 2023, 1:59 PM

  • IAVM reference
  • STIG Severity (set to "I")

Plugin Feed: 202301131359

Version 1.3

Jan 12, 2023, 6:19 PM

  • CVSS metrics ("CVSSv2 score" changed from "7.5" to "10.0")
  • CVSS metrics ("CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C")
  • Exploit attributes ("Exploit available" set to "False")

Plugin Feed: 202301121819

Version 1.2

Jan 9, 2023, 4:06 PM

  • CVSS metrics ("CVSSv2 score" changed from "10.0" to "7.5")
  • CVSS metrics ("CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C" to "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P")
  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C")
  • Exploit attributes ("Exploit available" set to "False")
  • Exploit attributes ("Exploitability ease" set to "No known exploits are available")

Plugin Feed: 202301091606

Version 1.1

Jan 6, 2023, 9:54 PM

  • Reference

Plugin Feed: 202301062154

* Changelogs are generally available for changes made after Nov 1, 2022