Lucene search
+L

432 matches found

CVE
CVE
added 2023/08/28 12:0 a.m.134 views

CVE-2023-35785

CVE-2023-35785 is a TFA bypass vulnerability affecting Zoho ManageEngine Active Directory 360, ADAudit Plus, ADManager Plus, Asset Explorer, Cloud Security Plus, Data Security Plus, Eventlog Analyzer, Exchange Reporter Plus, Log360, Log360 UEBA, M365 Manager/Security Plus, Recovery Manager Plus, ...

8.1CVSS8AI score0.02434EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/28 12:0 a.m.9 views

The vulnerability of the software for managing Active Directory services, Zoho ManageEngine ADManager Plus, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Zoho ManageEngine ADManager Plus software for managing Active Directory services is related to insufficient protection of registration data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information—suc...

7.8CVSS6.5AI score0.05312EPSS
Exploits4References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/08/17 11:15 p.m.5 views

CVE-2023-31492

Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default passwords for the account restoration of unauthorized domains to the authenticated users...

6.5CVSS6.6AI score0.05312EPSS
Exploits4References4
OSV
OSV
added 2023/08/17 11:15 p.m.4 views

CVE-2023-31492

Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default passwords for the account restoration of unauthorized domains to the authenticated users...

6.5CVSS5.8AI score0.05312EPSS
Exploits4References3
NVD
NVD
added 2023/08/17 11:15 p.m.19 views

CVE-2023-31492

Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default passwords for the account restoration of unauthorized domains to the authenticated users...

6.5CVSS6.4AI score0.05312EPSS
Exploits4References3
Prion
Prion
added 2023/08/17 11:15 p.m.29 views

Default credentials

Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default passwords for the account restoration of unauthorized domains to the authenticated users...

4CVSS6.4AI score0.05312EPSS
Exploits4References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/17 12:0 a.m.19 views

CVE-2023-31492

Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default passwords for the account restoration of unauthorized domains to the authenticated users...

7AI score0.05312EPSS
Exploits4References3
CVE
CVE
added 2023/08/17 12:0 a.m.114 views

CVE-2023-31492

CVE-2023-31492 affects Zoho ManageEngine ADManager Plus builds 7182 and earlier. The issue stems from improper access control in the Recovery/Backup workflow, which can allow an authenticated user to view or retrieve default passwords used for account restoration of unauthorized domains during ba...

6.5CVSS6.3AI score0.05312EPSS
Exploits4References3Affected Software1
CNNVD
CNNVD
added 2023/08/17 12:0 a.m.6 views

ZOHO ManageEngine ADManager Plus 安全漏洞

ZOHO ManageEngine ADManager Plus is a suite of Microsoft Active Directory management software from ZOHO designed for enterprise users using Windows domains. The software assists AD administrators and helpdesk technicians with day-to-day administrative tasks, such as batch management of user...

6.5CVSS6.4AI score0.05312EPSS
Exploits4References4
OSV
OSV
added 2023/08/04 6:15 p.m.6 views

CVE-2023-38332

Zoho ManageEngine ADManager Plus through 7201 allow authenticated users to take over another user's account via sensitive information disclosure...

6.5CVSS5.8AI score0.0305EPSS
Exploits0References2
NVD
NVD
added 2023/08/04 6:15 p.m.19 views

CVE-2023-38332

Zoho ManageEngine ADManager Plus through 7201 allow authenticated users to take over another user's account via sensitive information disclosure...

6.5CVSS6.1AI score0.0305EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/08/04 6:15 p.m.4 views

CVE-2023-38332

Zoho ManageEngine ADManager Plus through 7201 allow authenticated users to take over another user's account via sensitive information disclosure...

6.5CVSS6.6AI score0.0305EPSS
Exploits0References3
Prion
Prion
added 2023/08/04 6:15 p.m.22 views

Information disclosure

Zoho ManageEngine ADManager Plus through 7201 allow authenticated users to take over another user's account via sensitive information disclosure...

4CVSS6AI score0.0305EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/08/04 12:0 a.m.25 views

CVE-2023-38332

Zoho ManageEngine ADManager Plus through 7201 allow authenticated users to take over another user's account via sensitive information disclosure...

6.3AI score0.0305EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/08/04 12:0 a.m.4 views

ZOHO ManageEngine ADManager Plus Security Vulnerability

ZOHO ManageEngine ADManager Plus is a suite of Microsoft Active Directory management software from ZOHO designed for enterprise users using Windows domains. The software assists AD administrators and helpdesk technicians with day-to-day administrative tasks such as batch management of user accoun...

6.5CVSS6.2AI score0.0305EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/08/04 12:0 a.m.19 views

CVE-2023-38332

Zoho ManageEngine ADManager Plus through 7201 allow authenticated users to take over another user's account via sensitive information disclosure...

6.2AI score0.0305EPSS
Exploits0References2
CVE
CVE
added 2023/08/04 12:0 a.m.79 views

CVE-2023-38332

Summary: Zoho ManageEngine ADManager Plus up to version 7.2 Build 7201 contains an unauthorized access vulnerability that could allow an authenticated user to take over another user’s account via sensitive information disclosure. Root cause / impact: improper access control enabling account takeo...

6.5CVSS6.1AI score0.0305EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/07/30 12:0 a.m.5 views

PT-2023-4674 · Zoho · Zoho Manageengine Admanager Plus

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ADManager Plus versions prior to 7203 Description: The issue is related to inadequate access control in the Zoho ManageEngine ADManager Plus software, which can be exploited by a remote attacker to gain unauthorized access t...

7.5CVSS5.2AI score0.04041EPSS
Exploits0References9
NVD
NVD
added 2023/07/05 6:15 a.m.20 views

CVE-2023-35786

Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view files...

4.9CVSS5.1AI score0.03026EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/07/05 6:15 a.m.3 views

CVE-2023-35786

Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view files...

4.9CVSS5.3AI score0.03026EPSS
Exploits0References2
Rows per page
Query Builder