Vulnerabilities (CVE)

Filtered by vendor Zohocorp Subscribe

Filtered by product Manageengine Key Manager Plus

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-24447	1 Zohocorp	1 Manageengine Key Manager Plus	2023-08-08	4.0 MEDIUM	6.5 MEDIUM
An issue was discovered in Zoho ManageEngine Key Manager Plus before 6200. A service exposed by the application allows a user, with the level Operator, to access stored SSL certificates and associated key pairs during export.
CVE-2022-24446	1 Zohocorp	1 Manageengine Key Manager Plus	2023-08-08	3.5 LOW	4.3 MEDIUM
An issue was discovered in Zoho ManageEngine Key Manager Plus 6.1.6. A user, with the level Operator, can see all SSH servers (and user information) even if no SSH server or user is associated to the operator.
CVE-2021-28382	1 Zohocorp	1 Manageengine Key Manager Plus	2021-06-14	3.5 LOW	5.4 MEDIUM
Zoho ManageEngine Key Manager Plus before 6001 allows Stored XSS on the user-management page while importing malicious user details from AD.