ManageEngine Password Manager Pro Multiple Vulnerabilities
Release Date: 13 May 2024
RISK: Medium Risk
TYPE: Web services - Web Servers
Multiple vulnerabilities were identified in ManageEngine Password Manager Pro. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, sensitive information disclosure, cross-site scripting and security restriction bypass on the targeted system.
Impact
- Information Disclosure
- Elevation of Privilege
- Cross-Site Scripting
- Security Restriction Bypass
System / Technologies affected
- ManageEngine Password Manager Pro prior to version 12.4 (Build-12430)
Solutions
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
- Update to version 12.4 (Build-12430) or later
Vulnerability Identifier
- No CVE information is available
沒有留言:
發佈留言