ManageEngine Password Manager Pro Multiple Vulnerabilities
Release Date: 14 Dec 2023
RISK: Medium Risk
TYPE: Web services - Web Servers
Multiple vulnerabilities were identified in ManageEngine Password Manager Pro. A remote attacker could exploit some of these vulnerabilities to trigger data manipulation, cross-site scripting and sensitive information disclosure on the targeted system.
Impact
- Information Disclosure
- Data Manipulation
- Cross-Site Scripting
System / Technologies affected
- ManageEngine Password Manager Pro prior to version 12.4 (Build-12410)
Solutions
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
- Update to version 12.4 (Build-12410) or later
沒有留言:
發佈留言