VYPR

PAM360

by Zoho

CVEs (3)

  • CVE-2022-43671CriNov 12, 2022
    risk 0.70cvss 9.8epss 0.75

    Zoho ManageEngine Password Manager Pro before 12122, PAM360 before 5711, and Access Manager Plus before 4306 allow SQL Injection.

  • CVE-2022-29081CriApr 28, 2022
    risk 0.70cvss 9.8epss 0.83

    Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pro before 12007, and PAM360 before 5401 are vulnerable to access-control bypass on a few Rest API URLs (for SSOutAction. SSLAction. LicenseMgr. GetProductDetails. GetDashboard. FetchEvents. and Synchronize) via…

  • CVE-2022-47523CriJan 5, 2023
    risk 0.69cvss 9.8epss 0.71

    Zoho ManageEngine Access Manager Plus before 4309, Password Manager Pro before 12210, and PAM360 before 5801 are vulnerable to SQL Injection.