Zoho Manageengine Password Manager Pro Luki w zabezpieczeniach

Oś czasu

Wersja

7.0	4
8.0	2
11001	1
4309	1
11.0	1

Przeciwdziałanie

Official Fix	25
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	5

Wykorzystywanie

High	1
Functional	0
Proof-of-Concept	2
Unproven	8
Not Defined	19

Wektor dostępu

Not Defined	0
Physical	0
Local	0
Adjacent	5
Network	25

Uwierzytelnianie

Not Defined	0
High	0
Low	12
None	18

Interakcja z użytkownikiem

Not Defined	0
Required	7
None	23

C3BM Index

Ostatni rok

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	1
≤5	1
≤6	9
≤7	9
≤8	8
≤9	2
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	1
≤5	7
≤6	8
≤7	6
≤8	6
≤9	2
≤10	0

VulDB

≤1	0
≤2	0
≤3	0
≤4	2
≤5	3
≤6	11
≤7	9
≤8	5
≤9	0
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	2
≤8	2
≤9	2
≤10	7

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Sprzedawca

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	3
<2k	20
<5k	6
<10k	0
<25k	1
<50k	0
<100k	0
≥100k	0

Wykorzystaj dzisiaj

<1k	30
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Wykorzystaj wielkość rynku

Ostatni rok

🔴 CTI Zajęcia

Affected Versions (21): 7.0, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, 9.2, 9.3, 10.0, 10.1, 10.2, 10.3, 10.4, 11.0, 11.1, 11.2, 4309, 11001, Build 6104

Link to Product Website: https://www.manageengine.com/

Opublikowano	Base	Temp	Słaby punkt	0day	Dzisiaj	Wyk	Prz	CTI	CVE
2023-08-11	4.8	4.7	Zoho ManageEngine Password Manager Pro Query Report cross site scripting	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2020-27449
2023-04-27	7.0	7.0	Zoho ManageEngine ManageEngine PAM360 weak authentication	$0-$5k	$0-$5k	Not Defined	Not Defined	0.04	CVE-2023-2291
2023-01-18	7.7	7.4	Zoho ManageEngine Access Manager Plus Apache xmlsec Remote Code Execution	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2022-47966
2023-01-05	7.6	7.5	Zoho ManageEngine Access Manager Plus/Password Manager Pro/PAM360 sql injection	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-47523
2022-11-12	8.0	7.9	Zoho ManageEngine Password Manager Pro/PAM360/Access Manager Plus sql injection	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-43671
2022-11-12	8.0	7.9	Zoho ManageEngine Password Manager Pro/PAM360/Access Manager Plus sql injection	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-43672
2022-09-17	8.0	7.9	Zoho ManageEngine Password Manager Pro/PAM360/Access Manager Plus sql injection	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-40300
2022-07-20	8.5	8.4	Zoho ManageEngine Access Manager Plus/Password Manager Pro/PAM360 Remote Code Execution	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-35405
2022-07-19	6.8	6.8	Zoho ManageEngine Password Manager Pro/OPManager privilege escalation	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2022-35404
2022-04-29	5.5	5.3	Zoho ManageEngine Access Manager Plus/Password Manager Pro/PAM360 RestAPI Synchronize privilege escalation	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-29081

20 więcej wpisów nie jest pokazywanych

🔒 Login Required

You need to signup and login to see more of the remaining 20 results.

więcej wpisów autorstwa Zoho Manageengine

◂ PoprzedniPrzeglądKolejny ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!