Latest zohocorp manageengine netflow analyzer Vulnerabilities

CVE-2023-47211
A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send...
Zohocorp Manageengine Firewall Analyzer<12.7
Zohocorp Manageengine Firewall Analyzer=12.7-build127000
Zohocorp Manageengine Firewall Analyzer=12.7-build127101
Zohocorp Manageengine Firewall Analyzer=12.7-build127130
Zohocorp Manageengine Firewall Analyzer=12.7-build127131
Zohocorp Manageengine Firewall Analyzer=12.7-build127187
and 91 more
CVE-2023-6105
ManageEngine Information Disclosure in Multiple Products
Zoho ManageEngine<5.3
Zohocorp Manageengine Appcreator<2.0.0
Zohocorp Manageengine Application Control Plus<11.2.2328.01
Zohocorp Manageengine Browser Security Plus<11.2.2328.01
Zoho ManageEngine<11.2.2328.01
Zohocorp Manageengine Endpoint Central<11.2.2322.01
and 782 more
CVE-2022-38772
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make dat...
Zohocorp Manageengine Netflow Analyzer=12.5-build125450
Zohocorp Manageengine Netflow Analyzer=12.5-build125451
Zohocorp Manageengine Netflow Analyzer=12.5-build125452
Zohocorp Manageengine Netflow Analyzer=12.5-build125453
Zohocorp Manageengine Netflow Analyzer=12.5-build125455
Zohocorp Manageengine Netflow Analyzer=12.5-build125456
and 202 more
CVE-2022-37024
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allo...
Zohocorp Manageengine Firewall Analyzer=12.5-build125450
Zohocorp Manageengine Firewall Analyzer=12.5-build125451
Zohocorp Manageengine Firewall Analyzer=12.5-build125452
Zohocorp Manageengine Firewall Analyzer=12.5-build125453
Zohocorp Manageengine Firewall Analyzer=12.5-build125455
Zohocorp Manageengine Firewall Analyzer=12.5-build125456
and 102 more
CVE-2022-36923
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104...
Zohocorp Manageengine Firewall Analyzer=12.5-build125450
Zohocorp Manageengine Firewall Analyzer=12.5-build125451
Zohocorp Manageengine Firewall Analyzer=12.5-build125452
Zohocorp Manageengine Firewall Analyzer=12.5-build125453
Zohocorp Manageengine Firewall Analyzer=12.5-build125455
Zohocorp Manageengine Firewall Analyzer=12.5-build125456
and 102 more
CVE-2022-35404
ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine.
Zohocorp Manageengine Opmanager<12.5
Zohocorp Manageengine Opmanager=12.5
Zohocorp Manageengine Opmanager=12.5-build125000
Zohocorp Manageengine Opmanager=12.5-build125002
Zohocorp Manageengine Opmanager=12.5-build125100
Zohocorp Manageengine Opmanager=12.5-build125101
and 330 more
CVE-2019-12133
Multiple Zoho ManageEngine products suffer from local privilege escalation due to improper permissions for the %SYSTEMDRIVE%\ManageEngine directory and its sub-folders. Moreover, the services associat...
Zoho ManageEngine=1.0
Zohocorp Manageengine Browser Security Plus
Zohocorp Manageengine Desktop Central=10.0.380
Zohocorp Manageengine Eventlog Analyzer=12.0.2
Zohocorp Manageengine Firewall=12.0
Zohocorp Manageengine Key Manager Plus=5.6
and 12 more
CVE-2019-12196
A SQL injection vulnerability in /client/api/json/v2/nfareports/compareReport in Zoho ManageEngine NetFlow Analyzer 12.3 allows attackers to execute arbitrary SQL commands via the DeviceID parameter.
Zohocorp Manageengine Netflow Analyzer=12.3
CVE-2019-8927
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/scheduleConfig.jsp file via these GET parameters: devSrc, email...
Zohocorp Manageengine Netflow Analyzer=7.0.0.2
CVE-2019-8928
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in /netflow/jspui/userManagementForm.jsp via these GET parameters: authMeth, passWord, pwd1, and userName...
Zohocorp Manageengine Netflow Analyzer=7.0.0.2
CVE-2019-8926
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/popup1.jsp file via these GET parameters: bussAlert, customDev,...
Zohocorp Manageengine Netflow Analyzer=7.0.0.2
CVE-2019-8925
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. An Absolute Path Traversal vulnerability in the Administration zone, in /netflow/servlet/CReportPDFServlet (via the ...
Zohocorp Manageengine Netflow Analyzer=7.0.0.2
CVE-2019-7426
Zohocorp Manageengine Netflow Analyzer=7.0.0.2
CVE-2019-7427
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the autorefTime or graphTypes parameter.
Zohocorp Manageengine Netflow Analyzer=7.0.0.2
CVE-2019-7425
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the task parameter.
Zohocorp Manageengine Netflow Analyzer=7.0.0.2
CVE-2019-7424
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/index.jsp" file in the view GET parameter or any of these POST parameters: autorefTime...
Zohocorp Manageengine Netflow Analyzer=7.0.0.2
CVE-2019-7423
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/editProfile.jsp" file in the userName parameter.
Zohocorp Manageengine Netflow Analyzer=7.0.0.2
CVE-2018-12998
A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtil...
Zohocorp Manageengine Netflow Analyzer
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Oputils
Zohocorp Firewall Analyzer
and 1 more
CVE-2018-12997
Incorrect Access Control in FailOverHelperServlet in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils b...
Zohocorp Manageengine Netflow Analyzer
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Oputils
Zohocorp Firewall Analyzer
and 1 more
CVE-2018-10803
Cross-site scripting (XSS) vulnerability in the add credentials functionality in Zoho ManageEngine NetFlow Analyzer v12.3 before 12.3.125 (build 123125) allows remote attackers to inject arbitrary web...
Zohocorp Manageengine Netflow Analyzer>=12.3<12.3.125

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203