Zohocorp: Security Vulnerabilities
Zohocorp ManageEngine Analytics Plus versions below 6100 are vulnerable to authenticated sensitive data exposure which allows the users to retrieve sensitive tokens associated to the org-admin account.
CVSS Score
8.1
EPSS Score
0.001
Published
2024-11-27
Zohocorp ManageEngine ADAudit Plus versions below 8123 are vulnerable to SQL Injection in the reports module.
CVSS Score
8.3
EPSS Score
0.004
Published
2024-11-18
Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to authenticated XML External Entity (XXE) in the Management option.
CVSS Score
8.5
EPSS Score
0.004
Published
2024-11-08
Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege Escalation in the Modify Computers option.
CVSS Score
8.8
EPSS Score
0.025
Published
2024-11-08
Zohocorp ManageEngine Exchange Reporter Plus versions 5718 and prior are vulnerable to authenticated SQL Injection in reports module.
CVSS Score
8.3
EPSS Score
0.007
Published
2024-11-05
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to SQL Injection in Technician reports option.
CVSS Score
8.3
EPSS Score
0.005
Published
2024-11-04
Zohocorp ManageEngine ADManager Plus versions 7241 and prior are vulnerable to SQL Injection in Archived Audit Report.
CVSS Score
8.3
EPSS Score
0.005
Published
2024-11-04
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to SQL Injection in the technician reports feature.
CVSS Score
8.3
EPSS Score
0.003
Published
2024-10-24
Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isolating the devices.This issue affects Endpoint Central: before 11.3.2406.08 and before 11.3.2400.15
CVSS Score
7.6
EPSS Score
0.004
Published
2024-08-30
Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module.
CVSS Score
8.3
EPSS Score
0.004
Published
2024-08-30