Latest zohocorp manageengine remote access plus Vulnerabilities

CVE-2023-6105
ManageEngine Information Disclosure in Multiple Products
Zoho ManageEngine<5.3
Zohocorp Manageengine Appcreator<2.0.0
Zohocorp Manageengine Application Control Plus<11.2.2328.01
Zohocorp Manageengine Browser Security Plus<11.2.2328.01
Zoho ManageEngine<11.2.2328.01
Zohocorp Manageengine Endpoint Central<11.2.2322.01
and 782 more
CVE-2022-47966
Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability
Zohocorp Manageengine Access Manager Plus<4.3
Zohocorp Manageengine Access Manager Plus=4.3-build4300
Zohocorp Manageengine Access Manager Plus=4.3-build4301
Zohocorp Manageengine Access Manager Plus=4.3-build4302
Zohocorp Manageengine Access Manager Plus=4.3-build4303
Zohocorp Manageengine Access Manager Plus=4.3-build4304
and 153 more
CVE-2022-26777
Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view license details.
Zohocorp Manageengine Remote Access Plus<10.1.2137.15
CVE-2022-26653
Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view domain details (such as the username and GUID of an administrator).
Zohocorp Manageengine Remote Access Plus<10.1.2137.15
CVE-2021-42954
Zoho Remote Access Plus Server Windows Desktop Binary fixed from 10.1.2121.1 is affected by incorrect access control. The installation directory is vulnerable to weak file permissions by allowing full...
Zohocorp Manageengine Remote Access Plus<10.1.2121.1
Microsoft Windows
CVE-2021-42955
Zoho Remote Access Plus Server Windows Desktop binary fixed in version 10.1.2132 is affected by an unauthorized password reset vulnerability. Because of the designed password reset mechanism, any non-...
Zohocorp Manageengine Remote Access Plus<10.1.2132
Microsoft Windows
CVE-2021-41829
Zoho ManageEngine Remote Access Plus before 10.1.2121.1 relies on the application's build number to calculate a certain encryption key.
Zohocorp Manageengine Remote Access Plus<10.1.2121.1
CVE-2021-41828
Zoho ManageEngine Remote Access Plus before 10.1.2121.1 has hardcoded credentials associated with resetPWD.xml.
Zohocorp Manageengine Remote Access Plus<10.1.2121.1
CVE-2019-16268
Zoho ManageEngine Remote Access Plus 10.0.259 allows HTML injection via the Description field on the Admin - User Administration userMgmt.do?actionToCall=ShowUser screen.
Zohocorp Manageengine Remote Access Plus=10.0.259
CVE-2020-15589
A design issue was discovered in GetInternetRequestHandle, InternetSendRequestEx and InternetSendRequestByBitrate in the client side of Zoho ManageEngine Desktop Central 10.0.552.W and Remote Access P...
Zohocorp Manageengine Desktop Central=10.0.552.w
Zohocorp Manageengine Remote Access Plus<10.1.2119.1
CVE-2019-11361
Zoho ManageEngine Remote Access Plus 10.0.258 does not validate user permissions properly, allowing for privilege escalation and eventually a full application takeover.
Zohocorp Manageengine Remote Access Plus=10.0.258
CVE-2019-20474
An issue was discovered in Zoho ManageEngine Remote Access Plus 10.0.447. The service to test the mail-server configuration suffers from an authorization issue allowing a user with the Guest role (rea...
Zohocorp Manageengine Remote Access Plus=10.0.447
CVE-2020-8422
Zohocorp Manageengine Remote Access Plus<10.0.450

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203