Description

ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine.

Related CPE's

a

zohocorp

manageengine_opmanager

171

a

zohocorp

manageengine_network_configuration_manager

62

a

zohocorp

manageengine_netflow_analyzer

49

a

zohocorp

manageengine_firewall_analyzer

54

References

https://manageengine.com

Vendor Advisory

https://www.manageengine.com/itom/advisory/cve-2022-35404.html

PatchVendor Advisory

Weaknesses

[email protected]

Primary
CWE-20

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

8.2 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2022-07-18T13:15:10.510

2 years ago

Last modified

2023-08-08T14:22:24.967

1 year ago