CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-8422

An authorization issue was discovered in the Credential Manager feature in Zoho ManageEngine Remote Access Plus before 10.0.450. A user with the Guest role can extract the collection of all defined credentials of remote machines: the credential name, credential type, user name, domain/workgroup name, and description (but not the password).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.9%

CVSS Severity

CVSS v3 Score 4.3

CVSS v2 Score 4.0

References

Products affected by CVE-2020-8422

Zohocorp » Manageengine Remote Access Plus » Version: N/A

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:-
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.252

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.252
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.253

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.253
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.254

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.254
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.255

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.255
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.256

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.256
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.257

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.257
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.258

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.258
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.259

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.259
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.415

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.415
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.416

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.416
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.421

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.421
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.422

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.422
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.428

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.428
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.430

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.430
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.431

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.431
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.432

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.432
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.433

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.433
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.434

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.434
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.435

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.435
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.436

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.436
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.440

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.440
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.447

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.447
Zohocorp » Manageengine Remote Access Plus » Version: 10.0.448

cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.448

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-8422

Products

Pricing

Contact Us