ManageEngine Password Manager Pro/PAM360 SQL Injection Vulnerability (CVE-2024-5546) Advisory

Key Information Vulnerability Description Product Name: Password Manager Pro and PAM360 Vulnerability ID: CVE-2024-5546 Severity: High Details: SQL Injection vulnerability that allows attackers to execute custom queries and access database table entries. Impact Affected Versions: - Password Manager Pro: All versions prior to 12430 - PAM360: All versions prior to 7000 Fixed Versions: - Password Manager Pro: 12431 着 PAM360: 7001 Patch Date: June 14, 2024 Security Recommendations Recommendation: Users are strongly advised to upgrade to the latest versions of Password Manager Pro and PAM360. Upgrade Steps: 1. Download the latest upgrade pack: - Password Manager Pro: Download Link - PAM360: Download Link 2. Follow the instructions in the upgrade pack to update the existing product installation. Contact Support Contact Email: - Password Manager Pro: Email - PAM360: Email Additional Information Product Support: Technical support and contact information provided by ManageEngine. Summary This vulnerability is a high-severity SQL injection flaw affecting multiple versions of Password Manager Pro and PAM360. Users are advised to upgrade to the latest versions as soon as possible to mitigate the risk.

Goal Reached Thanks to every supporter — we hit 100%!

ManageEngine Password Manager Pro/PAM360 SQL Injection Vulnerability (CVE-2024-5546) Advisory