CVE-2022-24446

2022-03-0102:01:27

mitre

www.cve.org

vulnerability

zoho manageengine

key manager plus

AI Score

Confidence

High

EPSS

0.001

Percentile

32.5%

JSON

An issue was discovered in Zoho ManageEngine Key Manager Plus 6.1.6. A user, with the level Operator, can see all SSH servers (and user information) even if no SSH server or user is associated to the operator.

References

excellium-services.com/cert-xlm-advisory/cve-2022-24446/

www.manageengine.com/key-manager/release-notes.html#6200