{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5785", "assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02", "state": "PUBLISHED", "assignerShortName": "Zohocorp", "dateReserved": "2026-04-08T10:55:40.854Z", "datePublished": "2026-04-16T13:46:28.313Z", "dateUpdated": "2026-04-17T03:55:15.059Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "0fc0942c-577d-436f-ae8e-945763c79b02", "shortName": "Zohocorp", "dateUpdated": "2026-04-16T13:46:28.313Z"}, "title": "SQL Injection", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-89", "description": "CWE-89 Improper neutralization of special elements used in an SQL command ('SQL injection')", "type": "CWE"}]}], "affected": [{"vendor": "Zohocorp", "product": "ManageEngine PAM360", "versions": [{"status": "affected", "version": "0", "lessThan": "8531", "versionType": "8531"}], "defaultStatus": "unaffected"}, {"vendor": "Zohocorp", "product": "ManageEngine Password Manager Pro", "versions": [{"status": "affected", "version": "8600", "lessThanOrEqual": "13230", "versionType": "13230"}], "defaultStatus": "unaffected"}], "cpeApplicability": [{"operator": "OR", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_pam360:*:*:*:*:*:*:*:*", "versionStartIncluding": "0", "versionEndExcluding": "8531"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_password_manager_pro:*:*:*:*:*:*:*:*", "versionStartIncluding": "8600", "versionEndIncluding": "13230"}]}]}], "descriptions": [{"lang": "en", "value": "Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p><span></span>Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module.<span></span></p>"}]}], "references": [{"url": "https://www.manageengine.com/products/passwordmanagerpro/advisory/cve-2026-5785.html"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseSeverity": "HIGH", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-16T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2026-5785"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-17T03:55:15.059Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-5785", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-16T14:25:16.625081Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-16T14:25:24.637Z"}}], "cna": {"title": "SQL Injection", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Zohocorp", "product": "ManageEngine PAM360", "versions": [{"status": "affected", "version": "0", "lessThan": "8531", "versionType": "8531"}], "defaultStatus": "unaffected"}, {"vendor": "Zohocorp", "product": "ManageEngine Password Manager Pro", "versions": [{"status": "affected", "version": "8600", "versionType": "13230", "lessThanOrEqual": "13230"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.manageengine.com/products/passwordmanagerpro/advisory/cve-2026-5785.html"}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module.", "supportingMedia": [{"type": "text/html", "value": "<p><span></span>Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module.<span></span></p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper neutralization of special elements used in an SQL command ('SQL injection')"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:zohocorp:manageengine_pam360:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "8531", "versionStartIncluding": "0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:zohocorp:manageengine_password_manager_pro:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "13230", "versionStartIncluding": "8600"}], "operator": "OR"}], "operator": "OR"}], "providerMetadata": {"orgId": "0fc0942c-577d-436f-ae8e-945763c79b02", "shortName": "Zohocorp", "dateUpdated": "2026-04-16T13:46:28.313Z"}}}, "cveMetadata": {"cveId": "CVE-2026-5785", "state": "PUBLISHED", "dateUpdated": "2026-04-17T03:55:15.059Z", "dateReserved": "2026-04-08T10:55:40.854Z", "assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02", "datePublished": "2026-04-16T13:46:28.313Z", "assignerShortName": "Zohocorp"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module."}], "id": "CVE-2026-5785", "lastModified": "2026-04-17T15:17:00.957", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "0fc0942c-577d-436f-ae8e-945763c79b02", "type": "Secondary"}]}, "published": "2026-04-16T14:16:18.430", "references": [{"source": "0fc0942c-577d-436f-ae8e-945763c79b02", "url": "https://www.manageengine.com/products/passwordmanagerpro/advisory/cve-2026-5785.html"}], "sourceIdentifier": "0fc0942c-577d-436f-ae8e-945763c79b02", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "0fc0942c-577d-436f-ae8e-945763c79b02", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,8531)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "manageengine_pam360", "vendor": "zohocorp"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[8600,13230]"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "manageengine_password_manager_pro", "vendor": "zohocorp"}], "analysis": {"en": {"generated_at": "2026-04-17T02:58:03.544737+00:00", "value": {"mitigation_remediation": ["Upgrade Zohocorp ManageEngine PAM360 to version 8531 or later and ManageEngine Password Manager Pro to version 13231 or later, following the vendor\u2019s security advisory", "If an immediate patch is not feasible, restrict user access to the query report module or disable the feature for users who do not need it", "Implement proper input validation and prefer parameterized queries for any custom extensions or scripts that interact with the database, addressing the underlying CWE\u201189 weakness"], "summary": {"action": "Apply Patch", "impact": "Authenticated SQL injection"}, "threat_synthesis": {"affected_systems": "Affected products include Zohocorp\u2019s ManageEngine PAM360 (any release before 8531) and ManageEngine Password Manager Pro (releases 8600 through 13230). These versions are vulnerable when accessed via the query report module, which requires authentication to use.", "description_and_impact": "Zohocorp ManageEngine PAM360 versions prior to 8531 and ManageEngine Password Manager Pro versions from 8600 through 13230 contain an authenticated SQL injection flaw in the query report module. The vulnerability allows a user with valid credentials to inject malicious SQL statements, potentially leading to unauthorized data exfiltration, data modification, or other database compromise. This weakness is a classic example of CWE\u201189, where unsanitized input is executed by the database engine.", "risk_and_exploitability": "The CVSS score of 8.1 classifies the vulnerability as high severity. The EPSS score is unavailable, and the flaw is not listed in the CISA KEV catalog. Based on the description, the likely attack vector is authenticated, requiring legitimate user credentials to exploit. Once authenticated, an attacker can execute arbitrary SQL against the backend database, potentially compromising confidentiality, integrity, and availability of stored credentials and audit data."}}}}, "created": "2026-04-16T15:30:06.053845+00:00", "title": "Authenticated SQL Injection in ManageEngine PAM360 and Password Manager Pro Query Report Module", "updated": "2026-04-17T03:00:08.463862+00:00", "vendors": ["zohocorp", "zohocorp$PRODUCT$manageengine_pam360", "zohocorp$PRODUCT$manageengine_password_manager_pro"]}