ZohoCorp ManageEngine OpManager 12.5 Build 125470
Approved changes feed: RSS · Atom
cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125470:*:*:*:*:*:*
part: a version: 12.5 update: build125470
| Vendor | Zohocorp (4f1ab088-ab0e-54ac-b0dc-2304879a7502) |
|---|---|
| Product | Manageengine Opmanager (2325af94-7fc7-577f-bf28-675a973224ed) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-6105 |
vulnerable | 2026-06-03 14:53:50.604624 |
ManageEngine Information Disclosure in Multiple Products
MEDIUM (5.5)
An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database.
Published: 2023-11-15T20:57:47.981Z
Updated: 2025-02-13T17:26:03.759Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-38772 |
vulnerable | 2026-06-03 14:47:50.269205 |
Details available
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature.
Published: 2022-08-29T20:21:57.000Z
Updated: 2024-08-03T11:02:14.606Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-35404 |
vulnerable | 2026-06-03 14:47:38.052648 |
Details available
ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine.
Published: 2022-07-18T12:25:32.000Z
Updated: 2024-08-03T09:36:44.178Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-29535 |
vulnerable | 2026-06-03 14:46:58.541637 |
Details available
Zoho ManageEngine OPManager through 125588 allows SQL Injection via a few default reports.
Published: 2022-05-05T22:17:40.000Z
Updated: 2024-08-03T06:26:06.231Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-27908 |
vulnerable | 2026-06-03 14:46:54.206373 |
Details available
Zoho ManageEngine OpManager before 125588 (and before 125603) is vulnerable to authenticated SQL Injection in the Inventory Reports module.
Published: 2022-04-18T12:17:13.000Z
Updated: 2024-08-03T05:41:10.774Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-44514 |
vulnerable | 2026-06-03 14:45:36.320118 |
Details available
OpUtils in Zoho ManageEngine OpManager 12.5 before 125490 mishandles authentication for a few audit directories.
Published: 2021-12-09T19:15:27.000Z
Updated: 2024-08-04T04:25:16.790Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.