[{"vendor":"manageengine","product":"exchange_reporter_plus","defaultStatus":"unknown","cpes":["cpe:2.3:a:manageengine:exchange_reporter_plus:*:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"5714","versionType":"custom","status":"affected"}]}]

{"timestamp":"2024-08-21T14:02:23.439501Z","id":"CVE-2024-21775","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}

[{"vendor":"ManageEngine","product":"Exchange Reporter Plus","defaultStatus":"affected","collectionURL":"https://www.manageengine.com/products/exchange-reports/download.html","platforms":["Windows"],"versions":[{"version":"0","lessThan":"5714","versionType":"5714","status":"affected"}]}]

NIST AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

NIST CWE-89

OR
     *cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:*:*:*:*:*:*:*:* versions up to (excluding) 5.7
     *cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:-:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5700:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5701:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5702:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5703:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5704:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5705:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5706:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5707:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5708:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5709:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5710:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5711:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5712:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5713:*:*:*:*:*:*
     *cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5714:*:*:*:*:*:*

https://www.manageengine.com/products/exchange-reports/advisory/CVE-2024-21775.html No Types Assigned

https://www.manageengine.com/products/exchange-reports/advisory/CVE-2024-21775.html Vendor Advisory

https://www.manageengine.com/products/exchange-reports/advisory/CVE-2024-21775.html No Types Assigned

https://www.manageengine.com/products/exchange-reports/advisory/CVE-2024-21775.html Vendor Advisory

https://www.manageengine.com/products/exchange-reports/advisory/CVE-2024-21775.html

Zoho ManageEngine Exchange Reporter Plus versions 5714 and below are vulnerable to the Authenticated SQL injection in report exporting feature.

Zoho ManageEngine Exchange Reporter Plus versions 5714 and below are vulnerable to the Authenticated SQL injection in report exporting feature.

ManageEngine CWE-89

Zoho ManageEngine Exchange Reporter Plus versions 5714 and below are vulnerable to the Authenticated SQL injection in report exporting feature.

ManageEngine AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

ManageEngine https://www.manageengine.com/products/exchange-reports/advisory/CVE-2024-21775.html [No types assigned]