This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Zohocorp First view 2018-02-07
Product Manageengine Admanager Plus Last view 2022-04-18
Version 7.1 Type Application
Update 7110  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:zohocorp:manageengine_admanager_plus

Activity : Overall

Related : CVE

  Date Alert Description
8.8 2022-04-18 CVE-2022-29457

Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure during certain storage-path configuration steps.

9.8 2021-11-11 CVE-2021-42002

Zoho ManageEngine ADManager Plus before 7115 is vulnerable to a filter bypass that leads to file-upload remote code execution.

8.8 2021-10-13 CVE-2021-20131

ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the Personalization interface.

8.8 2021-10-13 CVE-2021-20130

ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface.

9.8 2021-10-07 CVE-2021-37931

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

9.8 2021-10-07 CVE-2021-37930

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

9.8 2021-10-07 CVE-2021-37929

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

9.8 2021-10-07 CVE-2021-37928

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

9.8 2021-10-07 CVE-2021-37926

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

9.8 2021-10-07 CVE-2021-37924

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

9.8 2021-10-07 CVE-2021-37923

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

5.3 2021-10-07 CVE-2021-37922

Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to path traversal which allows copying of files from one directory to another.

9.8 2021-10-07 CVE-2021-37921

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

9.8 2021-10-07 CVE-2021-37920

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

9.8 2021-10-07 CVE-2021-37919

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

9.8 2021-10-07 CVE-2021-37918

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

9.8 2021-10-07 CVE-2021-37762

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file overwrite leading to remote code execution.

9.8 2021-09-27 CVE-2021-37761

Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to unrestricted file upload, leading to remote code execution.

9.8 2021-09-27 CVE-2021-37539

Zoho ManageEngine ADManager Plus before 7111 is vulnerable to unrestricted file which leads to Remote code execution.

9.8 2021-09-22 CVE-2021-37927

Zoho ManageEngine ADManager Plus version 7110 and prior allows account takeover via SSO.

8.8 2021-09-21 CVE-2021-37741

ManageEngine ADManager Plus before 7111 has Pre-authentication RCE vulnerabilities.

8.8 2018-02-07 CVE-2017-17552

/LoadFrame in Zoho ManageEngine AD Manager Plus build 6590 - 6613 allows attackers to conduct URL Redirection attacks via the src parameter, resulting in a bypass of CSRF protection, or potentially masquerading a malicious URL as trusted.

CWE : Common Weakness Enumeration

%idName
76% (16) CWE-434 Unrestricted Upload of File with Dangerous Type
9% (2) CWE-287 Improper Authentication
4% (1) CWE-522 Insufficiently Protected Credentials
4% (1) CWE-352 Cross-Site Request Forgery (CSRF)
4% (1) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...