ZohoCorp ManageEngine OpManager 12.5 Build 125434
Approved changes feed: RSS · Atom
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125434:*:*:*:*:*:*
part: a version: 12.5 update: build125434
| Vendor | Zohocorp (4f1ab088-ab0e-54ac-b0dc-2304879a7502) |
|---|---|
| Product | Manageengine Opmanager (2325af94-7fc7-577f-bf28-675a973224ed) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-6105 |
vulnerable | 2026-06-03 14:53:50.595860 |
ManageEngine Information Disclosure in Multiple Products
MEDIUM (5.5)
An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database.
Published: 2023-11-15T20:57:47.981Z
Updated: 2025-02-13T17:26:03.759Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-35404 |
vulnerable | 2026-06-03 14:47:38.044772 |
Details available
ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine.
Published: 2022-07-18T12:25:32.000Z
Updated: 2024-08-03T09:36:44.178Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-29535 |
vulnerable | 2026-06-03 14:46:58.527843 |
Details available
Zoho ManageEngine OPManager through 125588 allows SQL Injection via a few default reports.
Published: 2022-05-05T22:17:40.000Z
Updated: 2024-08-03T06:26:06.231Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-27908 |
vulnerable | 2026-06-03 14:46:54.200116 |
Details available
Zoho ManageEngine OpManager before 125588 (and before 125603) is vulnerable to authenticated SQL Injection in the Inventory Reports module.
Published: 2022-04-18T12:17:13.000Z
Updated: 2024-08-03T05:41:10.774Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-44514 |
vulnerable | 2026-06-03 14:45:36.313698 |
Details available
OpUtils in Zoho ManageEngine OpManager 12.5 before 125490 mishandles authentication for a few audit directories.
Published: 2021-12-09T19:15:27.000Z
Updated: 2024-08-04T04:25:16.790Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-41288 |
vulnerable | 2026-06-03 14:45:25.465712 |
Details available
Zoho ManageEngine OpManager version 125466 and below is vulnerable to SQL Injection in the getReportData API.
Published: 2021-09-30T18:11:14.000Z
Updated: 2024-08-04T03:08:31.921Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-41075 |
vulnerable | 2026-06-03 14:45:25.013757 |
Details available
The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API.
Published: 2021-10-13T22:12:29.000Z
Updated: 2024-08-04T02:59:31.280Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-40493 |
vulnerable | 2026-06-03 14:45:24.177967 |
Details available
Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via the pollingObject parameter of the getDataCollectionFailureReason API.
Published: 2021-10-13T22:07:34.000Z
Updated: 2024-08-04T02:44:10.865Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.