Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Zohocorp Subscribe
Filtered by product Manageengine Assetexplorer

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-6105 3 Linux, Microsoft, Zohocorp 41 Linux Kernel, Windows, Manageengine Access Manager Plus and 38 more 2023-12-28 N/A 5.5 MEDIUM
An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database.
CVE-2022-40772 1 Zohocorp 4 Manageengine Assetexplorer, Manageengine Servicedesk Plus, Manageengine Servicedesk Plus Msp and 1 more 2023-08-08 N/A 6.5 MEDIUM
Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module.
CVE-2020-8838 1 Zohocorp 1 Manageengine Assetexplorer 2020-05-08 4.9 MEDIUM 6.4 MEDIUM
An issue was discovered in Zoho ManageEngine AssetExplorer 6.5. During an upgrade of the Windows agent, it does not validate the source and binary downloaded. This allows an attacker on an adjacent network to execute code with NT AUTHORITY/SYSTEM privileges on the agent machines by providing an arbitrary executable via a man-in-the-middle attack.
CVE-2019-12596 1 Zohocorp 1 Manageengine Assetexplorer 2019-07-25 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via SoftwareListView.do with the parameter swType or swComplianceType.
CVE-2019-12597 1 Zohocorp 1 Manageengine Assetexplorer 2019-07-25 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via ResourcesAttachments.jsp with the parameter pageName.
CVE-2019-12537 1 Zohocorp 1 Manageengine Assetexplorer 2019-07-25 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the SearchN.do search field.
CVE-2019-12595 1 Zohocorp 1 Manageengine Assetexplorer 2019-07-25 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the RCSettings.do rdsName parameter.
CVE-2018-17596 1 Zohocorp 1 Manageengine Assetexplorer 2018-11-16 4.3 MEDIUM 6.1 MEDIUM
In Zoho ManageEngine AssetExplorer, a Stored XSS vulnerability was discovered in the 6.2.0 version via the /AssetDef.do ciName or assetName parameter.