Latest zohocorp manageengine access manager plus Vulnerabilities

CVE-2023-6105
ManageEngine Information Disclosure in Multiple Products
Zoho ManageEngine<5.3
Zohocorp Manageengine Appcreator<2.0.0
Zohocorp Manageengine Application Control Plus<11.2.2328.01
Zohocorp Manageengine Browser Security Plus<11.2.2328.01
Zoho ManageEngine<11.2.2328.01
Zohocorp Manageengine Endpoint Central<11.2.2322.01
and 782 more
CVE-2023-2291
Zohocorp Manageengine Access Manager Plus=4.3-build4309
Zohocorp Manageengine Pam360
Zohocorp Manageengine Password Manager Pro
CVE-2022-47966
Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability
Zohocorp Manageengine Access Manager Plus<4.3
Zohocorp Manageengine Access Manager Plus=4.3-build4300
Zohocorp Manageengine Access Manager Plus=4.3-build4301
Zohocorp Manageengine Access Manager Plus=4.3-build4302
Zohocorp Manageengine Access Manager Plus=4.3-build4303
Zohocorp Manageengine Access Manager Plus=4.3-build4304
and 153 more
CVE-2022-47523
Zoho ManageEngine Access Manager Plus before 4309, Password Manager Pro before 12210, and PAM360 before 5801 are vulnerable to SQL Injection.
Zohocorp Manageengine Password Manager Pro<12.2
Zohocorp Manageengine Password Manager Pro=12.2-build12200
Zohocorp Manageengine Pam360<5.8
Zohocorp Manageengine Pam360=5.8-build5800
Zohocorp Manageengine Access Manager Plus<4.3
Zohocorp Manageengine Access Manager Plus=4.3-build4300
and 8 more
CVE-2022-43671
Zoho ManageEngine Password Manager Pro before 12122, PAM360 before 5711, and Access Manager Plus before 4306 allow SQL Injection.
Zohocorp Manageengine Access Manager Plus<4.3
Zohocorp Manageengine Access Manager Plus=4.3-build4300
Zohocorp Manageengine Access Manager Plus=4.3-build4301
Zohocorp Manageengine Access Manager Plus=4.3-build4302
Zohocorp Manageengine Access Manager Plus=4.3-build4303
Zohocorp Manageengine Access Manager Plus=4.3-build4304
and 10 more
CVE-2022-43672
Zoho ManageEngine Password Manager Pro before 12122, PAM360 before 5711, and Access Manager Plus before 4306 allow SQL Injection (in a different software component relative to CVE-2022-43671.
Zohocorp Manageengine Access Manager Plus<4.3
Zohocorp Manageengine Access Manager Plus=4.3-build4300
Zohocorp Manageengine Access Manager Plus=4.3-build4301
Zohocorp Manageengine Access Manager Plus=4.3-build4302
Zohocorp Manageengine Access Manager Plus=4.3-build4303
Zohocorp Manageengine Access Manager Plus=4.3-build4304
and 10 more
CVE-2022-40300
Zohocorp Manageengine Access Manager Plus=4.0-build4000
Zohocorp Manageengine Access Manager Plus=4.1-build4100
Zohocorp Manageengine Access Manager Plus=4.1-build4101
Zohocorp Manageengine Access Manager Plus=4.2-build4200
Zohocorp Manageengine Access Manager Plus=4.2-build4201
Zohocorp Manageengine Access Manager Plus=4.2-build4202
and 309 more
CVE-2022-35405
Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability
Zohocorp Manageengine Access Manager Plus<4.3
Zohocorp Manageengine Access Manager Plus=4.3-build4300
Zohocorp Manageengine Access Manager Plus=4.3-build4301
Zohocorp Manageengine Access Manager Plus=4.3-build4302
Zohocorp Manageengine Pam360<5.5
Zohocorp Manageengine Pam360=5.5-build5500
and 3 more
CVE-2022-29081
Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pro before 12007, and PAM360 before 5401 are vulnerable to access-control bypass on a few Rest API URLs (for SSOutAction. SSLAction....
Zohocorp Manageengine Access Manager Plus=4.0-build4000
Zohocorp Manageengine Access Manager Plus=4.1-build4100
Zohocorp Manageengine Access Manager Plus=4.1-build4101
Zohocorp Manageengine Access Manager Plus=4.2-build4200
Zohocorp Manageengine Access Manager Plus=4.2-build4201
Zohocorp Manageengine Access Manager Plus=4.2-build4202
and 44 more
CVE-2021-44676
Zoho ManageEngine Access Manager Plus before 4203 allows anyone to view a few data elements (e.g., access control details) and modify a few aspects of the application state.
Zohocorp Manageengine Access Manager Plus=4.1-build4100
Zohocorp Manageengine Access Manager Plus=4.1-build4101
Zohocorp Manageengine Access Manager Plus=4.2-build4200
Zohocorp Manageengine Access Manager Plus=4.2-build4201
Zohocorp Manageengine Access Manager Plus=4.2-build4202

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203