Known Vulnerabilities for Manageengine Assetexplorer by Zohocorp

Listed below are 10 of the newest known vulnerabilities associated with "Manageengine Assetexplorer" by "Zohocorp".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2021-20110	Due to Manage Engine Asset Explorer Agent 1.0.34 not validating HTTPS certificates, an attacker on the network can statically...	9.8 - CRITICAL	2021-07-19	2022-06-28
CVE-2021-20109	Due to the Asset Explorer agent not validating HTTPS certificates, an attacker on the network can statically configure their ...	7.5 - HIGH	2021-07-19	2022-06-28
CVE-2021-20108	Manage Engine Asset Explorer Agent 1.0.34 listens on port 9000 for incoming commands over HTTPS from Manage Engine Server. Th...	7.5 - HIGH	2021-07-19	2021-07-28
CVE-2020-8838	An issue was discovered in Zoho ManageEngine AssetExplorer 6.5. During an upgrade of the Windows agent, it does not validate ...	6.4 - MEDIUM	2020-03-23	2022-10-07
CVE-2019-12994	Server Side Request Forgery (SSRF) exists in Zoho ManageEngine AssetExplorer version 6.2.0 for the AJaxServlet servlet via a ...	9.1 - CRITICAL	2019-08-08	2019-08-16
CVE-2019-12959	Server Side Request Forgery (SSRF) exists in Zoho ManageEngine AssetExplorer 6.2.0 and before for the ClientUtilServlet servl...	8.8 - HIGH	2019-08-08	2019-08-16
CVE-2019-12597	An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via ResourcesAttachments.jsp with the parameter page...	6.1 - MEDIUM	2019-07-11	2023-03-01
CVE-2019-12596	An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via SoftwareListView.do with the parameter swType or...	6.1 - MEDIUM	2019-07-11	2023-03-01
CVE-2019-12595	An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the RCSettings.do rdsName parameter.	6.1 - MEDIUM	2019-07-11	2023-03-01
CVE-2019-12537	An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the SearchN.do search field.	6.1 - MEDIUM	2019-07-11	2023-03-01

Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Zohocorp	Manageengine Assetexplorer	6.5	All	All	All
Application	Zohocorp	Manageengine Assetexplorer	6.2.0	All	All	All
Application	Zohocorp	Manageengine Assetexplorer	6.1	All	All	All
Application	Zohocorp	Manageengine Assetexplorer	5.6	5500	All	All
Application	Zohocorp	Manageengine Assetexplorer	5.6	5103	All	All
Application	Zohocorp	Manageengine Assetexplorer	5.6	5501	All	All
Application	Zohocorp	Manageengine Assetexplorer	5.6	5502	All	All
Application	Zohocorp	Manageengine Assetexplorer	5.6	5503	All	All
Application	Zohocorp	Manageengine Assetexplorer	5.6	5504	All	All
Application	Zohocorp	Manageengine Assetexplorer	5.6	5600	All	All
Application	Zohocorp	Manageengine Assetexplorer	5.6	5601	All	All
Application	Zohocorp	Manageengine Assetexplorer	5.6	5602	All	All
Application	Zohocorp	Manageengine Assetexplorer	5.6	5603	All	All
Application	Zohocorp	Manageengine Assetexplorer	5.6	5604	All	All
Application	Zohocorp	Manageengine Assetexplorer	5.6	5605	All	All
Application	Zohocorp	Manageengine Assetexplorer	5.6	5606	All	All
Application	Zohocorp	Manageengine Assetexplorer	5.6	5607	All	All
Application	Zohocorp	Manageengine Assetexplorer	5.6	5608	All	All
Application	Zohocorp	Manageengine Assetexplorer	5.6	5609	All	All
Application	Zohocorp	Manageengine Assetexplorer	5.6	5610	All	All

Results limited to 20 most recent known configurations