Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Zohocorp Subscribe
Filtered by product Manageengine Admanager Plus

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-37741 1 Zohocorp 1 Manageengine Admanager Plus 2022-07-12 6.5 MEDIUM 8.8 HIGH
ManageEngine ADManager Plus before 7111 has Pre-authentication RCE vulnerabilities.
CVE-2022-29457 1 Zohocorp 4 Manageengine Adaudit Plus, Manageengine Admanager Plus, Manageengine Adselfservice Plus and 1 more 2022-05-11 6.5 MEDIUM 8.8 HIGH
Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure during certain storage-path configuration steps.
CVE-2021-20130 1 Zohocorp 1 Manageengine Admanager Plus 2021-10-19 6.5 MEDIUM 8.8 HIGH
ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface.
CVE-2021-20131 1 Zohocorp 1 Manageengine Admanager Plus 2021-10-19 6.5 MEDIUM 8.8 HIGH
ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the Personalization interface.
CVE-2019-12876 1 Zohocorp 3 Manageengine Admanager Plus, Manageengine Adselfservice Plus, Manageengine Desktop Central 2020-08-24 8.5 HIGH 7.3 HIGH
Zoho ManageEngine ADManager Plus 6.6.5, ADSelfService Plus 5.7, and DesktopCentral 10.0.380 have Insecure Permissions, leading to Privilege Escalation from low level privileges to System.
CVE-2018-19374 1 Zohocorp 1 Manageengine Admanager Plus 2019-10-03 6.9 MEDIUM 7.0 HIGH
Zoho ManageEngine ADManager Plus 6.6 Build 6657 allows local users to gain privileges (after a reboot) by placing a Trojan horse file into the permissive bin directory.
CVE-2017-17552 1 Zohocorp 1 Manageengine Admanager Plus 2018-03-13 6.8 MEDIUM 8.8 HIGH
/LoadFrame in Zoho ManageEngine AD Manager Plus build 6590 - 6613 allows attackers to conduct URL Redirection attacks via the src parameter, resulting in a bypass of CSRF protection, or potentially masquerading a malicious URL as trusted.