5 matches found
ManageEngine PAM360 REST API Restriction Bypass (CVE-2022-29081)
Binary data manageenginepam360cve-2022-29081.nbin...
ManageEngine Password Manager Pro REST API Restriction Bypass (CVE-2022-29081)
Binary data manageenginepmpcve-2022-29081.nbin...
ManageEngine Access Manager Plus REST API Restriction Bypass (CVE-2022-29081)
Binary data manageengineaccessmanagerpluscve-2022-29081.nbin...
CVE-2022-29081
creationtimestamp| type| source ---|---|--- 2022-04-29 00:29:17+00:00| seen| https://t.me/cibsecurity/41606 2025-04-29 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-04-29 2025-06-02 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-06-02...
CVE-2022-29081
CVE-2022-29081 affects Zoho ManageEngine products: Access Manager Plus (before 4302), Password Manager Pro (before 12007), and PAM360 (before 5401). The issue is an access-control bypass on certain REST API endpoints (SSOutAction, SSLAction, LicenseMgr, GetProductDetails, GetDashboard, FetchEvent...