Zoho Manageengine Vulnérabilités

Chronologie

Taper

Not Defined	289
Log Management Software	58
Network Management Software	56
Endpoint Management Software	47
Access Management Software	10

Produit

Zoho ManageEngine ServiceDesk Plus	51
Zoho ManageEngine Desktop Central	47
Zoho ManageEngine Applications Manager	46
Zoho ManageEngine OpManager	45
Zoho ManageEngine ADManager Plus	42

Contre-mesures

Official Fix	266
Temporary Fix	0
Workaround	0
Unavailable	8
Not Defined	202

Exploitabilité

High	34
Functional	0
Proof-of-Concept	54
Unproven	9
Not Defined	379

Vecteur d'accès

Not Defined	0
Physical	2
Local	8
Adjacent	83
Network	383

Authentification

Not Defined	0
High	14
Low	216
None	246

Interaction de l'utilisateur

Not Defined	0
Required	129
None	347

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	3
≤4	31
≤5	60
≤6	122
≤7	107
≤8	95
≤9	51
≤10	7

CVSSv3 Temp

≤1	0
≤2	0
≤3	3
≤4	38
≤5	80
≤6	148
≤7	70
≤8	83
≤9	49
≤10	5

VulDB

≤1	0
≤2	0
≤3	6
≤4	57
≤5	101
≤6	94
≤7	118
≤8	87
≤9	8
≤10	5

NVD

≤1	0
≤2	0
≤3	1
≤4	1
≤5	10
≤6	17
≤7	86
≤8	49
≤9	39
≤10	80

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	3
≤6	2
≤7	3
≤8	2
≤9	4
≤10	4

Fournisseur

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	1
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploiter 0 jour

<1k	102
<2k	241
<5k	132
<10k	0
<25k	1
<50k	0
<100k	0
≥100k	0

Exploiter aujourd'hui

<1k	464
<2k	11
<5k	1
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploiter le volume du marché

🔴 CTI Activités

Affected Products (79): ADAudit (3), ADAudit Plus (10), ADAuditPlus (1), ADManager Plus (42), ADManagerPlus (1), AD Manager Plus (1), ADManager Plus Build (1), ADSelfService (2), ADSelfService Plus (41), ADSelfService Plus GINA Client (1), Access Manager Plus (10), Active Directory 360 (1), Analytics Plus (3), AppManager (1), Application Control Plus (2), Application Manager (5), Applications Manager (46), Asset Explorer (7), AssetExplorer (13), Asset Explorer Agent (3), Browser Security Plus (1), CloudSecurityPlus (1), Cloud Security Plus (1), DataSecurity Plus (4), Desktop Central (47), DesktopCentral (2), Desktop Central MSP (3), Device Control Plus (3), Device Expert (1), Endpoint Central (1), Endpoint Central MSP (1), Endpoint DLP (1), EventLog Analyzer (14), Event Log Analyzer (3), Exchange Reporter Plus (4), FireWall (1), Firewall Analyzer (12), Key Manager Plus (4), Log360 (6), Log Analyzer (2), M365 Manager Plus (2), ManageEngine (2), ManageEngine Log360 (1), ManageEngine Netflow Analyzer (4), ManageEngine OpManager (13), ManageEngine OpUtils (1), ManageEngine PAM360 (2), Mobile Device Manager Plus (2), Monitoring Manager (3), NetFlow Analyzer (5), Netflow Analyzer (6), Netflow Analyzer Professional (7), Network Configuration Manager (11), O365 Manager Plus (2), OPManager (2), OS Deployer (1), OpManager (45), OpManager MSP (3), OpManager Plus (3), OpStor (2), OpUtils (7), PAM 360 (1), PAM360 (6), Password Manager Pro (30), Patch Connect Plus (2), Patch Manager Plus (2), Recovery Manager Plus (2), Remote Access Plus (10), Remote Monitoring and Management (1), ServiceDesk (3), Service Desk Plus (1), ServiceDesk Plus (51), ServiceDesk Plus MSP (13), Service Plus (1), SharePoint Manager Plus (2), Support Center Plus (4), SupportCenter Plus (14), Vulnerability Manager Plus (2), and SupportCenter Plus (1)

Link to Vendor Website: https://www.manageengine.com/

Publié	Base	Temp	Vulnérabilité	Prod	Exp	Con	EPSS	CTI	CVE
11/03/2024	8.5	8.5	Zoho ManageEngine Desktop Central elévation de privilèges	Endpoint Management Software	Not Defined	Not Defined	0.00043	0.03	CVE-2024-2370
16/02/2024	7.3	7.1	Zoho ManageEngine Exchange Reporter Plus Report Exporting sql injection	Reporting Software	Not Defined	Official Fix	0.00043	0.05	CVE-2024-21775
02/02/2024	7.8	7.7	Zoho ManageEngine ADAudit Plus File-Summary DrillDown sql injection	Inconnue	Not Defined	Official Fix	0.00538	0.05	CVE-2024-0269
02/02/2024	7.8	7.7	Zoho ManageEngine ADAudit Plus Home Graph-Data sql injection	Inconnue	Not Defined	Official Fix	0.00538	0.06	CVE-2024-0253
02/02/2024	7.6	7.6	Zoho ManageEngine ADAudit Plus Aggregate Report sql injection	Inconnue	Not Defined	Not Defined	0.07729	0.04	CVE-2023-48793
02/02/2024	7.6	7.6	Zoho ManageEngine ADAudit Plus sql injection	Inconnue	Not Defined	Not Defined	0.07729	0.00	CVE-2023-48792
25/01/2024	2.5	2.5	Zoho ManageEngine ADAudit Plus directory traversal	Inconnue	Not Defined	Official Fix	0.00069	0.03	CVE-2023-50785
18/01/2024	4.4	4.4	Zoho ManageEngine ServiceDesk Plus MSP Task Name cross site scripting	Inconnue	Not Defined	Official Fix	0.00733	0.02	CVE-2023-49943
11/01/2024	9.3	9.1	Zoho ManageEngine ADSelfService Plus Load Balancer Privilege Escalation	Inconnue	Not Defined	Official Fix	0.00135	0.07	CVE-2024-0252
08/01/2024	7.7	7.7	Zoho ManageEngine OpManager HTTP Request uploadMib directory traversal	Network Management Software	Not Defined	Not Defined	0.00164	0.04	CVE-2023-47211
22/11/2023	5.7	5.6	Zoho ManageEngine Recovery Manager Plus Proxy Setting Privilege Escalation	Inconnue	Not Defined	Official Fix	0.00507	0.00	CVE-2023-48646
16/11/2023	4.4	4.3	Zoho ManageEngine Service Desk Plus Encryption Key divulgation de l'information	Access Management Software	Not Defined	Official Fix	0.00042	0.01	CVE-2023-6105
03/11/2023	6.7	6.7	Zoho ManageEngine Desktop Central HTTP Request smtpConfig.do elévation de privilèges	Endpoint Management Software	Not Defined	Not Defined	0.00386	0.00	CVE-2023-4769
03/11/2023	5.2	5.2	Zoho ManageEngine Desktop Central HTTP Response InvSWMetering.pdf elévation de privilèges	Endpoint Management Software	Not Defined	Not Defined	0.00464	0.02	CVE-2023-4768
03/11/2023	5.2	5.2	Zoho ManageEngine Desktop Central HTTP Response InvSWMetering.csv elévation de privilèges	Endpoint Management Software	Not Defined	Not Defined	0.00464	0.00	CVE-2023-4767
27/09/2023	5.5	5.3	Zoho ManageEngine ADManager Plus REST API authentification faible	Inconnue	Not Defined	Official Fix	0.01412	0.04	CVE-2023-41904
12/09/2023	5.7	5.6	Zoho ManageEngine ADManager Plus Privilege Escalation	Inconnue	Not Defined	Official Fix	0.00113	0.00	CVE-2023-38743
01/09/2023	3.6	3.6	Zoho ManageEngine ADManager Plus directory traversal	Inconnue	Not Defined	Not Defined	0.00101	0.03	CVE-2023-39912
29/08/2023	7.6	7.6	Zoho ManageEngine ADManager Plus 2FA authentification faible	Inconnue	Not Defined	Not Defined	0.02551	0.06	CVE-2023-35785
18/08/2023	5.4	5.3	Zoho ManageEngine ADManager Plus Build elévation de privilèges	Inconnue	Not Defined	Not Defined	0.00060	0.02	CVE-2023-31492
11/08/2023	4.8	4.7	Zoho ManageEngine Password Manager Pro Query Report cross site scripting	Inconnue	Not Defined	Official Fix	0.00097	0.00	CVE-2020-27449
11/08/2023	4.8	4.8	Zoho ManageEngine Applications Manager cross site scripting	Log Management Software	Not Defined	Not Defined	0.00522	0.03	CVE-2023-38333
07/08/2023	6.5	6.5	Zoho ManageEngine ADAudit Plus Event Analysis elévation de privilèges	Inconnue	Not Defined	Not Defined	0.03155	0.00	CVE-2023-32783
04/08/2023	5.0	5.0	Zoho ManageEngine ADManager Plus divulgation de l'information	Inconnue	Not Defined	Not Defined	0.00048	0.00	CVE-2023-38332
04/08/2023	5.8	5.8	Zoho ManageEngine Network Configuration Manager WebSocket Endpoint divulgation de l'information	Inconnue	Not Defined	Not Defined	0.00134	0.06	CVE-2023-29505

451 plus d'entrées ne sont pas affichées

🔒 Login Required

You need to signup and login to see more of the remaining 451 results.

◂ PrécédentAperçuSuivant ▸

Interested in the pricing of exploits?

See the underground prices here!