Critical severity9.8NVD Advisory· Published Aug 4, 2017· Updated Jun 17, 2026
CVE-2015-9107
CVE-2015-9107
Description
Zoho ManageEngine OpManager 11 through 12.2 uses a custom encryption algorithm to protect the credential used to access the monitored devices. The implemented algorithm doesn't use a per-system key or even a salt; therefore, it's possible to create a universal decryptor.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:a:zohocorp:manageengine_opmanager:11.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:zohocorp:manageengine_opmanager:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_opmanager:11.1:*:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_opmanager:11.2:*:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_opmanager:11.3:*:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_opmanager:11.4:*:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_opmanager:11.5:*:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_opmanager:11.6:*:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_opmanager:12.2:*:*:*:*:*:*:*
- Range: 11 - 12.2
Patches
Vulnerability mechanics
News mentions
0No linked articles in our index yet.