Skip to main content

Manageengine Key Manager Plus

4 CVEs product

Monthly

CVE-2022-24447 MEDIUM This Month

An issue was discovered in Zoho ManageEngine Key Manager Plus before 6200. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Zoho Information Disclosure Manageengine Key Manager Plus
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-24446 MEDIUM This Month

An issue was discovered in Zoho ManageEngine Key Manager Plus 6.1.6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Zoho Information Disclosure Manageengine Key Manager Plus
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2021-28382 MEDIUM POC This Month

Zoho ManageEngine Key Manager Plus before 6001 allows Stored XSS on the user-management page while importing malicious user details from AD. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Zoho Manageengine Key Manager Plus
NVD
CVSS 3.1
5.4
EPSS
1.2%
CVE-2019-12133 HIGH This Week

Multiple Zoho ManageEngine products suffer from local privilege escalation due to improper permissions for the %SYSTEMDRIVE%\ManageEngine directory and its sub-folders. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Zoho Manageengine Analytics Plus Manageengine Browser Security Plus Manageengine Desktop Central +15
NVD GitHub
CVSS 3.0
7.8
EPSS
1.8%
EPSS 1% CVSS 6.5
MEDIUM This Month

An issue was discovered in Zoho ManageEngine Key Manager Plus before 6200. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Zoho Information Disclosure Manageengine Key Manager Plus
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

An issue was discovered in Zoho ManageEngine Key Manager Plus 6.1.6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Zoho Information Disclosure Manageengine Key Manager Plus
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Zoho ManageEngine Key Manager Plus before 6001 allows Stored XSS on the user-management page while importing malicious user details from AD. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Zoho Manageengine Key Manager Plus
NVD
EPSS 2% CVSS 7.8
HIGH This Week

Multiple Zoho ManageEngine products suffer from local privilege escalation due to improper permissions for the %SYSTEMDRIVE%\ManageEngine directory and its sub-folders. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Zoho Manageengine Analytics Plus +17
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy