ManageEngine ADAudit Plus
by Zoho
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-36037 | 0.00 | — | 0.00 | May 27, 2024 | Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session recordings. | |||
| CVE-2024-36036 | 0.00 | — | 0.00 | May 27, 2024 | Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to access sensitive information and modifying the agent configuration. | |||
| CVE-2024-21791 | 0.00 | — | 0.03 | May 22, 2024 | Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection in lockout history option. Note: Non-admin users cannot exploit this vulnerability. | |||
| CVE-2023-49335 | 0.00 | — | 0.00 | May 20, 2024 | Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while getting file server details. | |||
| CVE-2023-49334 | 0.00 | — | 0.01 | May 20, 2024 | Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary report. | |||
| CVE-2023-49333 | 0.00 | — | 0.01 | May 20, 2024 | Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the dashboard graph feature. | |||
| CVE-2023-49332 | 0.00 | — | 0.01 | May 20, 2024 | Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file shares. | |||
| CVE-2023-49331 | 0.00 | — | 0.01 | May 20, 2024 | Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the aggregate reports search option. | |||
| CVE-2023-49330 | 0.00 | — | 0.01 | May 20, 2024 | Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report data. |
- CVE-2024-36037May 27, 2024risk 0.00cvss —epss 0.00
Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session recordings.
- CVE-2024-36036May 27, 2024risk 0.00cvss —epss 0.00
Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to access sensitive information and modifying the agent configuration.
- CVE-2024-21791May 22, 2024risk 0.00cvss —epss 0.03
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection in lockout history option. Note: Non-admin users cannot exploit this vulnerability.
- CVE-2023-49335May 20, 2024risk 0.00cvss —epss 0.00
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while getting file server details.
- CVE-2023-49334May 20, 2024risk 0.00cvss —epss 0.01
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary report.
- CVE-2023-49333May 20, 2024risk 0.00cvss —epss 0.01
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the dashboard graph feature.
- CVE-2023-49332May 20, 2024risk 0.00cvss —epss 0.01
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file shares.
- CVE-2023-49331May 20, 2024risk 0.00cvss —epss 0.01
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the aggregate reports search option.
- CVE-2023-49330May 20, 2024risk 0.00cvss —epss 0.01
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report data.