CVE-2022-24447

2022-03-0214:41:59

mitre

www.cve.org

zoho manageengine

key manager plus

unauthorized access

ssl certificates

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

44.0%

JSON

An issue was discovered in Zoho ManageEngine Key Manager Plus before 6200. A service exposed by the application allows a user, with the level Operator, to access stored SSL certificates and associated key pairs during export.

References

excellium-services.com/cert-xlm-advisory/cve-2022-24447/

www.manageengine.com/key-manager/release-notes.html#6200