Known Vulnerabilities for Manageengine Log360 by Zohocorp

Listed below are 9 of the newest known vulnerabilities associated with "Manageengine Log360" by "Zohocorp".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2023-35785 Zoho ManageEngine Active Directory 360 versions 4315 and below, ADAudit Plus 7202 and below, ADManager Plus 7200 and below, A... 8.1 - HIGH 2023-08-28 2024-03-12
CVE-2021-40178 Zoho ManageEngine Log360 before Build 5224 allows stored XSS via the LOGO_PATH key value in the logon settings. 6.1 - MEDIUM 2021-08-29 2021-09-01
CVE-2021-40177 Zoho ManageEngine Log360 before Build 5225 allows remote code execution via BCP file overwrite. 9.8 - CRITICAL 2021-08-29 2021-09-01
CVE-2021-40176 Zoho ManageEngine Log360 before Build 5225 allows stored XSS. 6.1 - MEDIUM 2021-08-29 2021-09-01
CVE-2021-40175 Zoho ManageEngine Log360 before Build 5219 allows unrestricted file upload with resultant remote code execution. 9.8 - CRITICAL 2021-08-29 2021-09-01
CVE-2021-40174 Zoho ManageEngine Log360 before Build 5224 allows a CSRF attack for disabling the logon security settings. 8.8 - HIGH 2021-08-29 2021-09-01
CVE-2021-40172 Zoho ManageEngine Log360 before Build 5219 allows a CSRF attack on proxy settings. 8.8 - HIGH 2021-08-29 2021-09-01
CVE-2021-20136 ManageEngine Log360 Builds < 5235 are affected by an improper access control vulnerability allowing database configuration ov... 9.8 - CRITICAL 2021-11-01 2022-07-12
CVE-2020-24786 An issue was discovered in Zoho ManageEngine Exchange Reporter Plus before build number 5510, AD360 before build number 4228,... 9.8 - CRITICAL 2020-08-31 2023-11-07
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report