Zoho Manageengine Vulnerabilità

Sequenza temporale

genere »

Prodotto »

Contromisure »

Sfruttabilità »

Accesso al vettore »

Autenticazione »

Interazione dell'utente »

C3BM Index »

CVSSv3 Base »

CVSSv3 Temp »

VulDB »

NVD »

Fornitore »

Research »

Exploiter 0 giorni »

Exploiter aujourd'hui »

Sfrutta il volume del mercato »

🔴 CTI Attività »

Affected Products (42): ADAudit (1), ADAudit Plus (1), ADManager Plus (7), AD Manager Plus (1), ADSelfService Plus (22), Application Manager (5), Applications Manager (38), Asset Explorer (1), AssetExplorer (12), DataSecurity Plus (4), DesktopCentral (1), Desktop Central (34), Desktop Central MSP (1), Device Expert (1), Event Log Analyzer (3), EventLog Analyzer (13), Exchange Reporter Plus (1), FireWall (1), Firewall Analyzer (11), Log Analyzer (2), ManageEngine Netflow Analyzer (4), ManageEngine OpManager (9), Mobile Device Manager Plus (1), Monitoring Manager (3), NetFlow Analyzer (2), Netflow Analyzer (6), Netflow Analyzer Professional (7), Network Configuration Manager (4), O365 Manager Plus (1), OpManager (38), OpStor (2), OpUtils (4), Password Manager Pro (18), Patch Connect Plus (1), Patch Manager Plus (1), Recovery Manager Plus (1), Remote Access Plus (4), ServiceDesk (3), ServiceDesk Plus (29), Service Plus (1), SupportCenter Plus (6), Vulnerability Manager Plus (1)

Link to Vendor Website: https://www.manageengine.com/

Data di pubblicazioneBaseTempVulnerabilitàProdExpConCTICVE
20/02/20216.26.2Zoho ManageEngine ADSelfService Plus Administrative Interface escalazione di privilegiSconosciutoNot DefinedNot Defined1.55CVE-2021-27214
05/02/20217.57.5Zoho ManageEngine Applications Manager com.adventnet.appmanager.filter.UriCollector showresource.do sql injectionLog Management SoftwareNot DefinedNot Defined0.06CVE-2020-35765
04/02/20216.36.3Zoho ManageEngine Remote Access Plus User Administration Screen escalazione di privilegiRemote Access SoftwareNot DefinedNot Defined0.00CVE-2019-16268
03/02/20216.36.0Zoho ManageEngine OpManager Smart Update Manager Servlet Remote Privilege EscalationNetwork Management SoftwareNot DefinedOfficial Fix0.06CVE-2020-28653
19/01/20217.57.2Zoho ManageEngine Applications Manager sql injectionLog Management SoftwareNot DefinedOfficial Fix0.06CVE-2020-27733
07/01/20215.55.5Zoho ManageEngine Desktop Central New Custom Report escalazione di privilegiEndpoint Management SoftwareNot DefinedNot Defined0.05CVE-2019-16962
30/10/20207.67.3Zoho ManageEngine Applications Manager MyPage.do sql injectionLog Management SoftwareNot DefinedOfficial Fix0.02CVE-2020-27995
09/10/20207.47.4Zoho ManageEngine Applications Manager AAMRequestProcessor Servlet escalazione di privilegiLog Management SoftwareProof-of-ConceptNot Defined0.06CVE-2020-10816
07/10/20207.57.2Zoho ManageEngine Applications Manager RCA module sql injectionLog Management SoftwareNot DefinedOfficial Fix0.07CVE-2020-16267
07/10/20207.57.2Zoho ManageEngine Applications Manager SAP Module sql injectionLog Management SoftwareNot DefinedOfficial Fix0.06CVE-2020-15927
02/10/20206.26.2Zoho ManageEngine Desktop Central InternetSendRequestEx buffer overflowEndpoint Management SoftwareNot DefinedNot Defined0.04CVE-2020-24397
02/10/20207.07.0Zoho ManageEngine Desktop Central TLS Certificate Validation InternetSendRequestByBitrate autenticazione deboleEndpoint Management SoftwareNot DefinedNot Defined0.04CVE-2020-15589
01/10/20208.58.5Zoho ManageEngine Application Manager AlarmEscalation sql injectionSconosciutoNot DefinedNot Defined0.00CVE-2020-15533
30/09/20208.58.2Zoho ManageEngine ADSelfService Plus GINA CP Module escalazione di privilegiSconosciutoNot DefinedOfficial Fix0.06CVE-2018-5353
25/09/20205.24.9Zoho ManageEngine Applications Manager header.jsp cross site scriptingLog Management SoftwareNot DefinedOfficial Fix0.05CVE-2020-15521
25/09/20208.58.2Zoho ManageEngine Applications Manager REST API sql injectionLog Management SoftwareNot DefinedOfficial Fix0.06CVE-2020-15394
04/09/20206.76.7Zoho ManageEngine Applications Manager jar escalazione di privilegiLog Management SoftwareNot DefinedNot Defined0.00CVE-2020-14008
31/08/20208.58.2Zoho ManageEngine Exchange Reporter Plus autenticazione deboleReporting SoftwareNot DefinedOfficial Fix0.05CVE-2020-24786
29/07/20208.07.7Zoho ManageEngine Desktop Central Header buffer overflowEndpoint Management SoftwareNot DefinedOfficial Fix0.05CVE-2020-15588
12/06/20207.47.1Zoho ManageEngine ServiceDesk Plus autenticazione deboleSconosciutoNot DefinedOfficial Fix0.10CVE-2020-14048
04/06/20207.47.4Zoho ManageEngine OpManager cachestart directory traversalNetwork Management SoftwareNot DefinedNot Defined0.02CVE-2020-13818
18/05/20205.45.1Zoho ManageEngine Service Plus Password rivelazione di un 'informazioneSconosciutoNot DefinedOfficial Fix0.03CVE-2020-13154
14/05/20205.24.9Zoho ManageEngine ServiceDesk Plus Asset cross site scriptingSconosciutoProof-of-ConceptOfficial Fix0.05CVE-2019-15083
08/05/20208.58.2Zoho ManageEngine DataSecurity Plus DataEngine Xnode Server autenticazione deboleSconosciutoNot DefinedOfficial Fix0.00CVE-2020-11532
08/05/20207.57.2Zoho ManageEngine DataSecurity Plus DataEngine Xnode Server Application directory traversalSconosciutoNot DefinedOfficial Fix0.00CVE-2020-11531

Do you need the next level of professionalism?

Upgrade your account now!