Zoho ManageEngine Password Manager Pro/OPManager access control

EntryHistoryDiffjsonxmlCTI

A vulnerability has been found in Zoho ManageEngine Password Manager Pro and OPManager (Network Management Software) (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field	07/19/2022 11:16 AM	08/06/2022 01:44 PM	08/11/2022 09:41 AM
vendor	ManageEngine	ManageEngine	Zoho ManageEngine
name	Password Manager Pro/OPManager	Password Manager Pro/OPManager	Password Manager Pro/OPManager
cwe	284 (access control)	284 (access control)	284 (access control)
risk	2	2	2
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	L	L	L
cvss3_vuldb_i	L	L	L
cvss3_vuldb_a	L	L	L
cvss3_vuldb_rc	C	C	C
url	https://www.manageengine.com/itom/advisory/cve-2022-35404.html	https://www.manageengine.com/itom/advisory/cve-2022-35404.html	https://www.manageengine.com/itom/advisory/cve-2022-35404.html
cve	CVE-2022-35404	CVE-2022-35404	CVE-2022-35404
cve_assigned	1657231200 (07/08/2022)	1657231200 (07/08/2022)	1657231200 (07/08/2022)
cve_nvd_summary	ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine.	ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine.	ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine.
date	1658181600 (07/19/2022)	1658181600 (07/19/2022)	1658181600 (07/19/2022)
type	Network Management Software	Network Management Software	Network Management Software
cvss2_vuldb_ac	L	L	L
cvss2_vuldb_ci	P	P	P
cvss2_vuldb_ii	P	P	P
cvss2_vuldb_ai	P	P	P
cvss2_vuldb_rc	C	C	C
cvss2_vuldb_av	A	A	A
cvss2_vuldb_au	S	S	S
cvss2_vuldb_e	ND	ND	ND
cvss2_vuldb_rl	ND	ND	ND
cvss3_vuldb_av	A	A	A
cvss3_vuldb_pr	L	L	L
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_e	X	X	X
cvss3_vuldb_rl	X	X	X
cvss2_vuldb_basescore	5.2	5.2	5.2
cvss2_vuldb_tempscore	5.2	5.2	5.2
cvss3_vuldb_basescore	5.5	5.5	5.5
cvss3_vuldb_tempscore	5.5	5.5	5.5
cvss3_meta_basescore	5.5	6.8	6.8
cvss3_meta_tempscore	5.5	6.8	6.8
price_0day	$0-$5k	$0-$5k	$0-$5k
cvss3_nvd_av		N	N
cvss3_nvd_ac		L	L
cvss3_nvd_pr		N	N
cvss3_nvd_ui		N	N
cvss3_nvd_s		U	U
cvss3_nvd_c		N	N
cvss3_nvd_i		L	L
cvss3_nvd_a		H	H
cvss3_nvd_basescore		8.2	8.2

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!