Skip to main content

Manageengine Endpoint Central

5 CVEs product

Monthly

CVE-2025-5494 LOW Monitor

ZohoCorp ManageEngine Endpoint Central was impacted by an improper privilege management issue in the agent setup.4.2500.25, through 11.4.2508.13. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Manageengine Endpoint Central
NVD
CVSS 3.1
3.9
EPSS
0.0%
CVE-2024-9097 LOW Monitor

ManageEngine Endpoint Central versions before 11.3.2440.09 are vulnerable to IDOR vulnerability which allows the attacker to change the username in the chat. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Manageengine Endpoint Central
NVD
CVSS 3.1
3.5
EPSS
0.1%
CVE-2024-10203 HIGH This Week

Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are vulnerable to Arbitrary File Deletion in the agent installed machines. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Zoho Manageengine Endpoint Central
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-38868 HIGH This Week

Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isolating the devices.3.2406.08 and before 11.3.2400.15. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Zoho Manageengine Endpoint Central
NVD
CVSS 3.1
8.3
EPSS
0.8%
CVE-2023-6105 MEDIUM POC This Month

An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Zoho Manageengine Analytics Plus Manageengine Appcreator Manageengine Application Control Plus +36
NVD
CVSS 3.1
5.5
EPSS
0.7%
EPSS 0% CVSS 3.9
LOW Monitor

ZohoCorp ManageEngine Endpoint Central was impacted by an improper privilege management issue in the agent setup.4.2500.25, through 11.4.2508.13. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Manageengine Endpoint Central
NVD
EPSS 0% CVSS 3.5
LOW Monitor

ManageEngine Endpoint Central versions before 11.3.2440.09 are vulnerable to IDOR vulnerability which allows the attacker to change the username in the chat. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Manageengine Endpoint Central
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are vulnerable to Arbitrary File Deletion in the agent installed machines. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Zoho Manageengine Endpoint Central
NVD
EPSS 1% CVSS 8.3
HIGH This Week

Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isolating the devices.3.2406.08 and before 11.3.2400.15. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Zoho Manageengine Endpoint Central
NVD
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Zoho Manageengine Analytics Plus +38
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy