Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

zohocorp manageengine pam360 5.7 vulnerabilities and exploits

(subscribe to this query)
9.8
CVSSv3
CVE-2022-43671
Zoho ManageEngine Password Manager Pro prior to 12122, PAM360 prior to 5711, and Access Manager Plus prior to 4306 allow SQL Injection.
Zohocorp Manageengine Access Manager Plus 4.3Zohocorp Manageengine Access Manager PlusZohocorp Manageengine Password Manager ProZohocorp Manageengine Password Manager Pro 12.1Zohocorp Manageengine Pam360 5.7Zohocorp Manageengine Pam360
9.8
CVSSv3
CVE-2022-43672
Zoho ManageEngine Password Manager Pro prior to 12122, PAM360 prior to 5711, and Access Manager Plus prior to 4306 allow SQL Injection (in a different software component relative to CVE-2022-43671.
Zohocorp Manageengine Access Manager Plus 4.3Zohocorp Manageengine Access Manager PlusZohocorp Manageengine Password Manager ProZohocorp Manageengine Password Manager Pro 12.1Zohocorp Manageengine Pam360Zohocorp Manageengine Pam360 5.7
9.8
CVSSv3
CVE-2022-47966
Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache Santuario xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsib...
Zohocorp Manageengine Access Manager Plus 4.3Zohocorp Manageengine Access Manager PlusZohocorp Manageengine Ad360Zohocorp Manageengine Ad360 4.3Zohocorp Manageengine Adaudit Plus 7.0Zohocorp Manageengine Adaudit PlusZohocorp Manageengine Admanager Plus 7.1Zohocorp Manageengine Admanager PlusZohocorp Manageengine Adselfservice Plus 6.2Zohocorp Manageengine Adselfservice PlusZohocorp Manageengine Analytics PlusZohocorp Manageengine Analytics Plus 5.1Zohocorp Manageengine Assetexplorer 6.9Zohocorp Manageengine AssetexplorerZohocorp Manageengine Key Manager PlusZohocorp Manageengine Key Manager Plus 6.4Zohocorp Manageengine Pam360 5.7Zohocorp Manageengine Pam360Zohocorp Manageengine Password Manager ProZohocorp Manageengine Password Manager Pro 12.1Zohocorp Manageengine Servicedesk PlusZohocorp Manageengine Servicedesk Plus 14.0
5.5
CVSSv3
CVE-2023-6105
An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt prod...
Zohocorp Manageengine Mobile Device Manager Plus 10.1.2207.4Zohocorp Manageengine AppcreatorZohocorp Manageengine Analytics PlusZohocorp Manageengine Endpoint Central MspZohocorp Manageengine Endpoint CentralZohocorp Manageengine Remote Monitoring And ManagementZohocorp Manageengine Os DeployerZohocorp Manageengine Remote Access PlusZohocorp Manageengine Mobile Device Manager PlusZohocorp Manageengine Application Control PlusZohocorp Manageengine Vulnerability Manager PlusZohocorp Manageengine Browser Security PlusZohocorp Manageengine Patch Manager PlusZohocorp Manageengine Device Control PlusZohocorp Manageengine Endpoint Dlp PlusZohocorp Manageengine Adselfservice Plus 6.3Zohocorp Manageengine Adselfservice PlusZohocorp Manageengine Admanager PlusZohocorp Manageengine Admanager Plus 7.2Zohocorp Manageengine Adaudit Plus 7.2Zohocorp Manageengine Adaudit PlusZohocorp Manageengine Cloud Security Plus 4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook