Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2021-64484
HistoryAug 03, 2021 - 12:00 a.m.

ZOHO ManageEngine Password Manager Pro has an unspecified vulnerability

2021-08-0300:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
zoho manageengine
password manager
security vulnerability
usa
username enumeration
sensitive information
exploit
cnvd

EPSS

0.002

Percentile

57.0%

JSON

A security vulnerability exists in ZOHO ManageEngine Password Manager Pro, a password manager from ZOHO USA, which stems from the fact that Zoho ManageEngine Password Manager Pro allows login/AjaxResponse.jsp?RequestType=GetUserDomainName & userName= Username enumeration, because the response (to a failed login request) is empty only when the username is invalid. An attacker could exploit this vulnerability to obtain sensitive information.

Related

prion 1
cve 1
nvd 1
cvelist 1
prion
prion
Cross site request forgery (csrf)
2021-07-31 17:15:00
cve
cve
CVE-2021-33617
2021-07-31 17:15:07
nvd
nvd
CVE-2021-33617
2021-07-31 17:15:07
cvelist
cvelist
CVE-2021-33617
2021-07-31 16:55:50

EPSS

0.002

Percentile

57.0%

JSON
Related for CNVD-2021-64484
prion1cve1nvd1cvelist1