Security Advisory

CVE-2014-7864

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-02-04 16:00:00

Last updated 2024-08-06 13:03:27

Assigner mitre

State PUBLISHED

Description

Multiple SQL injection vulnerabilities in the FailOverHelperServlet (aka FailServlet) servlet in ZOHO ManageEngine OpManager 8 through 11.5 build 11400 and IT360 10.5 and earlier allow remote attackers and remote authenticated users to execute arbitrary SQL commands via the (1) customerName or (2) serverRole parameter in a standbyUpdateInCentral operation to servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet.

← Browse all CVEs View on cve.org ↗