Zohocorp: >> Manageengine Remote Access Plus >> 10.0.433 Security Vulnerabilities
An authorization issue was discovered in the Credential Manager feature in Zoho ManageEngine Remote Access Plus before 10.0.450. A user with the Guest role can extract the collection of all defined credentials of remote machines: the credential name, credential type, user name, domain/workgroup name, and description (but not the password).
CVSS Score
4.3
EPSS Score
0.003
Published
2020-01-31
Page 2