ManageEngine Password Manager Pro Multiple Vulnerabilities
Release Date: 4 Mar 2024
RISK: Medium Risk
TYPE: Web services - Web Servers
Multiple vulnerabilities were identified in ManageEngine Password Manager Pro. A remote attacker could exploit some of these vulnerabilities to trigger security restriction bypass, data manipulation, cross-site scripting and sensitive information disclosure on the targeted system.
Impact
- Information Disclosure
- Data Manipulation
- Cross-Site Scripting
- Security Restriction Bypass
System / Technologies affected
- ManageEngine Password Manager Pro prior to version 12.4 (Build-12420)
Solutions
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
- Update to version 12.4 (Build-12420) or later
沒有留言:
發佈留言