Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2022-03916
HistoryNov 21, 2021 - 12:00 a.m.

ZOHO ManageEngine Remote Access Plus Access Control Error Vulnerability

2021-11-2100:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
zoho manageengine
remote access
access control
vulnerability
elevation of privilege
unauthorized password reset
sensitive data

EPSS

0

Percentile

5.2%

JSON

ZOHO ManageEngine Remote Access Plus is a remote access solution from ZOHO, Inc. An access control error vulnerability exists in versions of ZOHO ManageEngine Remote Access Plus Server prior to 10.1.2121.1, which stems from a faulty access control. An attacker could use this vulnerability to achieve elevation of privilege, unauthorized password reset, steal sensitive data, access credentials in clear text, access registry values, tamper with configuration files, etc.

Related

cvelist 1
cve 1
prion 1
nvd 1
cvelist
cvelist
CVE-2021-42954
2021-11-17 12:13:26
cve
cve
CVE-2021-42954
2021-11-17 13:15:07
prion
prion
Information disclosure
2021-11-17 13:15:00
nvd
nvd
CVE-2021-42954
2021-11-17 13:15:07

EPSS

0

Percentile

5.2%

JSON
Related for CNVD-2022-03916
cvelist1cve1prion1nvd1