ManageEngine Exchange Reporter Plus
by Zoho
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-24786 | Cri | 0.65 | 9.8 | 0.13 | Aug 31, 2020 | An issue was discovered in Zoho ManageEngine Exchange Reporter Plus before build number 5510, AD360 before build number 4228, ADSelfService Plus before build number 5817, DataSecurity Plus before build number 6033, RecoverManager Plus before build number 6017, EventLog Analyzer… | ||
| CVE-2022-29457 | Hig | 0.61 | 8.8 | 0.08 | Apr 18, 2022 | Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure during certain storage-path configuration steps. | ||
| CVE-2024-21775 | Hig | 0.54 | 8.3 | 0.05 | Feb 16, 2024 | Zoho ManageEngine Exchange Reporter Plus versions 5714 and below are vulnerable to the Authenticated SQL injection in report exporting feature. | ||
| CVE-2023-22624 | Hig | 0.49 | 7.5 | 0.03 | Jan 17, 2023 | Zoho ManageEngine Exchange Reporter Plus before 5708 allows attackers to conduct XXE attacks. |
- risk 0.65cvss 9.8epss 0.13
An issue was discovered in Zoho ManageEngine Exchange Reporter Plus before build number 5510, AD360 before build number 4228, ADSelfService Plus before build number 5817, DataSecurity Plus before build number 6033, RecoverManager Plus before build number 6017, EventLog Analyzer…
- risk 0.61cvss 8.8epss 0.08
Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure during certain storage-path configuration steps.
- risk 0.54cvss 8.3epss 0.05
Zoho ManageEngine Exchange Reporter Plus versions 5714 and below are vulnerable to the Authenticated SQL injection in report exporting feature.
- risk 0.49cvss 7.5epss 0.03
Zoho ManageEngine Exchange Reporter Plus before 5708 allows attackers to conduct XXE attacks.