Known Vulnerabilities for Manageengine Analytics Plus by Zohocorp
Listed below are 3 of the newest known vulnerabilities associated with "Manageengine Analytics Plus" by "Zohocorp".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-21642 | Directory Traversal vulnerability ZDBQAREFSUBDIR parameter in /zropusermgmt API in Zoho ManageEngine Analytics Plus before 43... | 9.8 - CRITICAL | 2022-08-15 | 2022-08-16 |
| CVE-2020-21641 | Out-of-Band XML External Entity (OOB-XXE) vulnerability in Zoho ManageEngine Analytics Plus before 4.3.5 allows remote attack... | 7.5 - HIGH | 2022-08-15 | 2022-08-16 |
| CVE-2019-12133 | Multiple Zoho ManageEngine products suffer from local privilege escalation due to improper permissions for the %SYSTEMDRIVE%\... | 7.8 - HIGH | 2019-06-18 | 2020-08-24 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Zohocorp | Manageengine Analytics Plus | 1.0 | All | All | All |