Zohocorp: Security Vulnerabilities
Zohocorp ManageEngine ADSelfService Plus versions 6510 and below are vulnerable to account takeover due to the session mishandling. Valid account holders in the setup only have the potential to exploit this bug.
CVSS Score
8.1
EPSS Score
0.001
Published
2025-03-03
ManageEngine Endpoint Central versions before 11.3.2440.09 are vulnerable to IDOR vulnerability which allows the attacker to change the username in the chat.
CVSS Score
3.5
EPSS Score
0.001
Published
2025-02-05
Zohocorp ManageEngine Applications Manager versions 174000 and prior are vulnerable to the incorrect authorization in the update user function.
CVSS Score
8.1
EPSS Score
0.001
Published
2025-01-29
Zohocorp ManageEngine Analytics Plus versions below 6100 are vulnerable to authenticated sensitive data exposure which allows the users to retrieve sensitive tokens associated to the org-admin account.
CVSS Score
8.1
EPSS Score
0.008
Published
2024-11-27
Zohocorp ManageEngine ADAudit Plus versions below 8123 are vulnerable to SQL Injection in the reports module.
CVSS Score
8.3
EPSS Score
0.019
Published
2024-11-18
Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to authenticated XML External Entity (XXE) in the Management option.
CVSS Score
8.5
EPSS Score
0.001
Published
2024-11-08
Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege Escalation in the Modify Computers option.
CVSS Score
8.8
EPSS Score
0.027
Published
2024-11-08
Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are vulnerable to Arbitrary File Deletion in the agent installed machines.
CVSS Score
7.0
EPSS Score
0.0
Published
2024-11-07
Zohocorp ManageEngine Exchange Reporter Plus versions 5718 and prior are vulnerable to authenticated SQL Injection in reports module.
CVSS Score
8.3
EPSS Score
0.003
Published
2024-11-05
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to SQL Injection in Technician reports option.
CVSS Score
8.3
EPSS Score
0.002
Published
2024-11-04