Zoho Manageengine Remote Access Plus Vulnerabilità

Sequenza temporale

Versione

10.1.21213
10.0.2591
10.0.2581
10.0.4471
10.01

Contromisure

Official Fix7
Temporary Fix0
Workaround0
Unavailable0
Not Defined3

Sfruttabilità

High0
Functional0
Proof-of-Concept1
Unproven0
Not Defined9

Accesso al vettore

Not Defined0
Physical0
Local0
Adjacent5
Network5

Autenticazione

Not Defined0
High0
Low9
None1

Interazione dell'utente

Not Defined0
Required0
None10

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤43
≤53
≤61
≤71
≤82
≤90
≤100

CVSSv3 Temp

≤10
≤20
≤30
≤43
≤53
≤61
≤71
≤82
≤90
≤100

VulDB

≤10
≤20
≤30
≤43
≤52
≤62
≤73
≤80
≤90
≤100

NVD

≤10
≤20
≤30
≤40
≤52
≤60
≤70
≤80
≤91
≤101

CNA

≤10
≤20
≤30
≤40
≤51
≤60
≤70
≤80
≤90
≤100

Fornitore

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 giorni

<1k4
<2k3
<5k3
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploiter aujourd'hui

<1k10
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Sfrutta il volume del mercato

🔴 CTI Attività

Affected Versions (5): 10.0, 10.0.258, 10.0.259, 10.0.447, 10.1.2121

Link to Product Website: https://www.manageengine.com/

Tipo di software: Access Management Software

Data di pubblicazioneBaseTempVulnerabilità0dayOggiSfrConCTICVE
18/01/20237.77.4Zoho ManageEngine Access Manager Plus Apache xmlsec Remote Code Execution$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.00CVE-2022-47966
16/04/20223.53.4Zoho ManageEngine Remote Access Plus License Detail rivelazione di un 'informazione$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-26777
16/04/20223.53.4Zoho ManageEngine Remote Access Plus Domain Detail rivelazione di un 'informazione$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-26653
30/09/20214.64.4Zoho ManageEngine Remote Access Plus crittografia debole$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-41829
30/09/20215.55.3Zoho ManageEngine Remote Access Plus resetPWD.xml autenticazione debole$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-41828
30/09/20213.53.4Zoho ManageEngine Remote Access Plus DCBackupRestore JAR Archive autenticazione debole$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-41827
04/02/20216.36.3Zoho ManageEngine Remote Access Plus User Administration Screen escalazione di privilegi$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2019-16268
19/03/20207.57.5Zoho ManageEngine Remote Access Plus User Permission escalazione di privilegi$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2019-11361
17/02/20205.05.0Zoho ManageEngine Remote Access Plus Mail Server Test escalazione di privilegi$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2019-20474
31/01/20204.34.2Zoho ManageEngine Remote Access Plus Credential Manager Credentials rivelazione di un 'informazione$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2020-8422

altre voci di Zoho Manageengine

PrecedenteVisione D'insiemeIl prossimo

Might our Artificial Intelligence support you?

Check our Alexa App!