Description

ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine.

Related CPE's

a

zohocorp

manageengine_opmanager

171

a

zohocorp

manageengine_network_configuration_manager

62

a

zohocorp

manageengine_netflow_analyzer

49

a

zohocorp

manageengine_firewall_analyzer

54

References

https://manageengine.com

Vendor Advisory

https://www.manageengine.com/itom/advisory/cve-2022-35404.html

PatchVendor Advisory

https://manageengine.com

Vendor Advisory

https://www.manageengine.com/itom/advisory/cve-2022-35404.html

PatchVendor Advisory

Weaknesses

[email protected]

Primary
CWE-20

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

8.2 · High

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2022-07-18T11:15:10.510Z

3 years ago

Last modified

2024-11-21T06:11:06.367Z

1 year ago