Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
manageengine vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-44525
Zoho ManageEngine PAM360 before build 5303 allows malicious users to modify a few aspects of application state because of a filter bypass in which authentication is not required.
Zohocorp Manageengine Pam360 5.3
Zohocorp Manageengine Pam360 5.2
Zohocorp Manageengine Pam360 5.1
Zohocorp Manageengine Pam360 5.0
Zohocorp Manageengine Pam360 4.5
Zohocorp Manageengine Pam360 4.1
Zohocorp Manageengine Pam360 4.0
9.8
CVSSv3
CVE-2021-44675
Zoho ManageEngine ServiceDesk Plus MSP prior to 10.5 Build 10534 is vulnerable to unauthenticated remote code execution due to a filter bypass in which authentication is not required.
Zohocorp Manageengine Servicedesk Plus Msp 10.5
Zohocorp Manageengine Servicedesk Plus Msp
9.8
CVSSv3
CVE-2021-44676
Zoho ManageEngine Access Manager Plus prior to 4203 allows anyone to view a few data elements (e.g., access control details) and modify a few aspects of the application state.
Zohocorp Manageengine Access Manager Plus 4.2
Zohocorp Manageengine Access Manager Plus 4.1
9.8
CVSSv3
CVE-2021-44515
Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. For Enterprise builds 10.1.2127.17 and previous versions, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128....
Zohocorp Manageengine Desktop Central
9.8
CVSSv3
CVE-2021-44514
OpUtils in Zoho ManageEngine OpManager 12.5 prior to 125490 mishandles authentication for a few audit directories.
Zohocorp Manageengine Opmanager 12.5
9.8
CVSSv3
CVE-2021-43319
Zoho ManageEngine Network Configuration Manager prior to 125488 is vulnerable to command injection due to improper validation in the Ping functionality.
Zohocorp Manageengine Network Configuration Manager 11.0
Zohocorp Manageengine Network Configuration Manager 12.0
Zohocorp Manageengine Network Configuration Manager 12.1
Zohocorp Manageengine Network Configuration Manager 12.2
Zohocorp Manageengine Network Configuration Manager 12.3
Zohocorp Manageengine Network Configuration Manager 12.4
Zohocorp Manageengine Network Configuration Manager 12.5
9.8
CVSSv3
CVE-2021-42099
Zoho ManageEngine M365 Manager Plus prior to 4421 is vulnerable to file-upload remote code execution.
Zohocorp Manageengine M365 Manager Plus -
Zohocorp Manageengine M365 Manager Plus Build 4000
Zohocorp Manageengine M365 Manager Plus Build 4001
Zohocorp Manageengine M365 Manager Plus Build 4002
Zohocorp Manageengine M365 Manager Plus Build 4003
Zohocorp Manageengine M365 Manager Plus Build 4004
Zohocorp Manageengine M365 Manager Plus Build 4005
Zohocorp Manageengine M365 Manager Plus Build 4007
Zohocorp Manageengine M365 Manager Plus Build 4008
Zohocorp Manageengine M365 Manager Plus Build 4009
Zohocorp Manageengine M365 Manager Plus Build 4010
Zohocorp Manageengine M365 Manager Plus Build 4011
Zohocorp Manageengine M365 Manager Plus Build 4012
Zohocorp Manageengine M365 Manager Plus Build 4013
Zohocorp Manageengine M365 Manager Plus Build 4014
Zohocorp Manageengine M365 Manager Plus Build 4100
Zohocorp Manageengine M365 Manager Plus Build 4101
Zohocorp Manageengine M365 Manager Plus Build 4102
Zohocorp Manageengine M365 Manager Plus Build 4103
Zohocorp Manageengine M365 Manager Plus Build 4104
Zohocorp Manageengine M365 Manager Plus Build 4105
Zohocorp Manageengine M365 Manager Plus Build 4106
9.8
CVSSv3
CVE-2021-44077
Zoho ManageEngine ServiceDesk Plus prior to 11306, ServiceDesk Plus MSP prior to 10530, and SupportCenter Plus prior to 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration.
Zohocorp Manageengine Servicedesk Plus 11.2
Zohocorp Manageengine Servicedesk Plus Msp 10.5
Zohocorp Manageengine Servicedesk Plus 11.3
Zohocorp Manageengine Servicedesk Plus 11.1
Zohocorp Manageengine Supportcenter Plus
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Supportcenter Plus 11.0
2 Github repositories
1 Article
9.8
CVSSv3
CVE-2021-41080
Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a hardware details search.
Zohocorp Manageengine Network Configuration Manager 12.5
Zohocorp Manageengine Network Configuration Manager
Zohocorp Manageengine Network Configuration Manager 12.3
9.8
CVSSv3
CVE-2021-41081
Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a configuration search.
Zohocorp Manageengine Network Configuration Manager 12.5
Zohocorp Manageengine Network Configuration Manager
Zohocorp Manageengine Network Configuration Manager 12.3
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »