This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Zohocorp First view 2021-11-11
Product Manageengine Patch Connect Plus Last view 2023-11-15
Version 9.0.0 Type Application
Update build90096  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:zohocorp:manageengine_patch_connect_plus

Activity : Overall

Related : CVE

  Date Alert Description
5.5 2023-11-15 CVE-2023-6105

An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database.

9.8 2021-11-11 CVE-2021-41833

Zoho ManageEngine Patch Connect Plus before 90099 is vulnerable to unauthenticated remote code execution.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-434 Unrestricted Upload of File with Dangerous Type