Zohocorp: >> Manageengine Opmanager >> 12.4.179 Security Vulnerabilities
Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a general bypass in the deserialization class.
CVSS Score
9.8
EPSS Score
0.711
Published
2021-04-22
Manage Engine OpManager builds below 125346 are vulnerable to a remote denial of service vulnerability due to a path traversal issue in spark gateway component. This allows a remote attacker to remotely delete any directory or directories on the OS.
CVSS Score
9.1
EPSS Score
0.441
Published
2021-04-01
Zoho ManageEngine OpManager Stable build before 125203 (and Released build before 125233) allows Remote Code Execution via the Smart Update Manager (SUM) servlet.
CVSS Score
9.8
EPSS Score
0.818
Published
2021-02-03
In Zoho ManageEngine OpManager before 125144, when <cachestart> is used, directory traversal validation can be bypassed.
CVSS Score
7.5
EPSS Score
0.766
Published
2020-06-04
Page 2