ManageEngine O365 Manager Plus
by Zoho
CVEs (49)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-37539 | Cri | 0.71 | 9.8 | 0.93 | Sep 27, 2021 | Zoho ManageEngine ADManager Plus before 7111 is vulnerable to unrestricted file which leads to Remote code execution. | ||
| CVE-2021-3287 | Cri | 0.71 | 9.8 | 0.51 | Apr 22, 2021 | Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a general bypass in the deserialization class. | ||
| CVE-2021-37926 | Cri | 0.70 | 9.8 | 0.74 | Oct 7, 2021 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||
| CVE-2021-37918 | Cri | 0.70 | 9.8 | 0.74 | Oct 7, 2021 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||
| CVE-2021-37924 | Cri | 0.65 | 9.8 | 0.11 | Oct 7, 2021 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||
| CVE-2021-37921 | Cri | 0.65 | 9.8 | 0.11 | Oct 7, 2021 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||
| CVE-2021-37920 | Cri | 0.65 | 9.8 | 0.11 | Oct 7, 2021 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||
| CVE-2021-37919 | Cri | 0.65 | 9.8 | 0.11 | Oct 7, 2021 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||
| CVE-2021-37925 | Cri | 0.65 | 9.8 | 0.10 | Sep 22, 2021 | Zoho ManageEngine ADManager Plus version 7110 and prior has a Post-Auth OS command injection vulnerability. | ||
| CVE-2020-24786 | Cri | 0.65 | 9.8 | 0.13 | Aug 31, 2020 | An issue was discovered in Zoho ManageEngine Exchange Reporter Plus before build number 5510, AD360 before build number 4228, ADSelfService Plus before build number 5817, DataSecurity Plus before build number 6033, RecoverManager Plus before build number 6017, EventLog Analyzer… | ||
| CVE-2022-24306 | Cri | 0.64 | 9.8 | 0.02 | Mar 2, 2022 | Zoho ManageEngine SharePoint Manager Plus before 4329 allows account takeover because authorization is mishandled. | ||
| CVE-2022-24305 | Cri | 0.64 | 9.8 | 0.03 | Mar 2, 2022 | Zoho ManageEngine SharePoint Manager Plus before 4329 is vulnerable to a sensitive data leak that leads to privilege escalation. | ||
| CVE-2021-42099 | Cri | 0.64 | 9.8 | 0.07 | Nov 30, 2021 | Zoho ManageEngine M365 Manager Plus before 4421 is vulnerable to file-upload remote code execution. | ||
| CVE-2021-42002 | Cri | 0.64 | 9.8 | 0.07 | Nov 11, 2021 | Zoho ManageEngine ADManager Plus before 7115 is vulnerable to a filter bypass that leads to file-upload remote code execution. | ||
| CVE-2021-38298 | Cri | 0.64 | 9.8 | 0.03 | Oct 7, 2021 | Zoho ManageEngine ADManager Plus before 7110 is vulnerable to blind XXE. | ||
| CVE-2021-37931 | Cri | 0.64 | 9.8 | 0.09 | Oct 7, 2021 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||
| CVE-2021-37930 | Cri | 0.64 | 9.8 | 0.09 | Oct 7, 2021 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||
| CVE-2021-37929 | Cri | 0.64 | 9.8 | 0.09 | Oct 7, 2021 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||
| CVE-2021-37928 | Cri | 0.64 | 9.8 | 0.09 | Oct 7, 2021 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||
| CVE-2021-37762 | Cri | 0.64 | 9.8 | 0.08 | Oct 7, 2021 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file overwrite leading to remote code execution. |
- risk 0.71cvss 9.8epss 0.93
Zoho ManageEngine ADManager Plus before 7111 is vulnerable to unrestricted file which leads to Remote code execution.
- risk 0.71cvss 9.8epss 0.51
Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a general bypass in the deserialization class.
- risk 0.70cvss 9.8epss 0.74
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
- risk 0.70cvss 9.8epss 0.74
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
- risk 0.65cvss 9.8epss 0.11
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
- risk 0.65cvss 9.8epss 0.11
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
- risk 0.65cvss 9.8epss 0.11
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
- risk 0.65cvss 9.8epss 0.11
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
- risk 0.65cvss 9.8epss 0.10
Zoho ManageEngine ADManager Plus version 7110 and prior has a Post-Auth OS command injection vulnerability.
- risk 0.65cvss 9.8epss 0.13
An issue was discovered in Zoho ManageEngine Exchange Reporter Plus before build number 5510, AD360 before build number 4228, ADSelfService Plus before build number 5817, DataSecurity Plus before build number 6033, RecoverManager Plus before build number 6017, EventLog Analyzer…
- risk 0.64cvss 9.8epss 0.02
Zoho ManageEngine SharePoint Manager Plus before 4329 allows account takeover because authorization is mishandled.
- risk 0.64cvss 9.8epss 0.03
Zoho ManageEngine SharePoint Manager Plus before 4329 is vulnerable to a sensitive data leak that leads to privilege escalation.
- risk 0.64cvss 9.8epss 0.07
Zoho ManageEngine M365 Manager Plus before 4421 is vulnerable to file-upload remote code execution.
- risk 0.64cvss 9.8epss 0.07
Zoho ManageEngine ADManager Plus before 7115 is vulnerable to a filter bypass that leads to file-upload remote code execution.
- risk 0.64cvss 9.8epss 0.03
Zoho ManageEngine ADManager Plus before 7110 is vulnerable to blind XXE.
- risk 0.64cvss 9.8epss 0.09
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
- risk 0.64cvss 9.8epss 0.09
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
- risk 0.64cvss 9.8epss 0.09
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
- risk 0.64cvss 9.8epss 0.09
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
- risk 0.64cvss 9.8epss 0.08
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file overwrite leading to remote code execution.
Page 1 of 3