ZohoCorp ManageEngine OpManager 12.5
Approved changes feed: RSS · Atom
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:-:*:*:*:*:*:*
part: a version: 12.5 update: -
| Vendor | Zohocorp (4f1ab088-ab0e-54ac-b0dc-2304879a7502) |
|---|---|
| Product | Manageengine Opmanager (2325af94-7fc7-577f-bf28-675a973224ed) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-35404 |
vulnerable | 2026-06-03 14:47:37.989289 |
Details available
ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine.
Published: 2022-07-18T12:25:32.000Z
Updated: 2024-08-03T09:36:44.178Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-29535 |
vulnerable | 2026-06-03 14:46:58.525933 |
Details available
Zoho ManageEngine OPManager through 125588 allows SQL Injection via a few default reports.
Published: 2022-05-05T22:17:40.000Z
Updated: 2024-08-03T06:26:06.231Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-27908 |
vulnerable | 2026-06-03 14:46:54.145725 |
Details available
Zoho ManageEngine OpManager before 125588 (and before 125603) is vulnerable to authenticated SQL Injection in the Inventory Reports module.
Published: 2022-04-18T12:17:13.000Z
Updated: 2024-08-03T05:41:10.774Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-44514 |
vulnerable | 2026-06-03 14:45:36.259426 |
Details available
OpUtils in Zoho ManageEngine OpManager 12.5 before 125490 mishandles authentication for a few audit directories.
Published: 2021-12-09T19:15:27.000Z
Updated: 2024-08-04T04:25:16.790Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-41288 |
vulnerable | 2026-06-03 14:45:25.463727 |
Details available
Zoho ManageEngine OpManager version 125466 and below is vulnerable to SQL Injection in the getReportData API.
Published: 2021-09-30T18:11:14.000Z
Updated: 2024-08-04T03:08:31.921Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-41075 |
vulnerable | 2026-06-03 14:45:25.011766 |
Details available
The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API.
Published: 2021-10-13T22:12:29.000Z
Updated: 2024-08-04T02:59:31.280Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-40493 |
vulnerable | 2026-06-03 14:45:24.123537 |
Details available
Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via the pollingObject parameter of the getDataCollectionFailureReason API.
Published: 2021-10-13T22:07:34.000Z
Updated: 2024-08-04T02:44:10.865Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-3287 |
vulnerable | 2026-06-03 14:45:10.346109 |
Details available
Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a general bypass in the deserialization class.
Published: 2021-04-22T12:58:00.000Z
Updated: 2024-08-03T16:53:16.496Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-13818 |
vulnerable | 2026-06-03 14:41:37.166264 |
Details available
In Zoho ManageEngine OpManager before 125144, when <cachestart> is used, directory traversal validation can be bypassed.
Published: 2020-06-04T12:51:17.000Z
Updated: 2024-08-04T12:25:16.515Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.