Known Vulnerabilities for Manageengine Opmanager by Zohocorp

Listed below are 10 of the newest known vulnerabilities associated with "Manageengine Opmanager" by "Zohocorp".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2021-41288	Zoho ManageEngine OpManager version 125466 and below is vulnerable to SQL Injection in the getReportData API.	9.8 - CRITICAL	2021-09-30	2021-10-07
CVE-2021-41075	The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API.	9.8 - CRITICAL	2021-10-13	2021-10-19
CVE-2021-40493	Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via t...	9.8 - CRITICAL	2021-10-13	2021-10-19
CVE-2021-20078	Manage Engine OpManager builds below 125346 are vulnerable to a remote denial of service vulnerability due to a path traversa...	9.1 - CRITICAL	2021-04-01	2021-06-22
CVE-2021-3287	Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a general bypass in the deser...	9.8 - CRITICAL	2021-04-22	2022-04-18
CVE-2020-13818	In Zoho ManageEngine OpManager before 125144, when is used, directory traversal validation can be bypassed.	7.5 - HIGH	2020-06-04	2021-06-22
CVE-2020-12116	Zoho ManageEngine OpManager Stable build before 124196 and Released build before 125125 allows an unauthenticated attacker to...	7.5 - HIGH	2020-05-07	2021-07-21
CVE-2020-11946	Zoho ManageEngine OpManager before 125120 allows an unauthenticated user to retrieve an API key via a servlet call.	7.5 - HIGH	2020-04-20	2022-10-05
CVE-2020-11527	In Zoho ManageEngine OpManager before 12.4.181, an unauthenticated remote attacker can send a specially crafted URI to read a...	7.5 - HIGH	2020-04-04	2021-07-21
CVE-2020-10541	Zoho ManageEngine OpManager before 12.4.179 allows remote code execution via a specially crafted Mail Server Settings v1 API ...	9.8 - CRITICAL	2020-03-13	2021-07-21

Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Zohocorp	Manageengine Opmanager	12.5	-	All	All
Application	Zohocorp	Manageengine Opmanager	12.5	125000	All	All
Application	Zohocorp	Manageengine Opmanager	12.5	125002	All	All
Application	Zohocorp	Manageengine Opmanager	12.5	125100	All	All
Application	Zohocorp	Manageengine Opmanager	12.5	125101	All	All
Application	Zohocorp	Manageengine Opmanager	12.5	125102	All	All
Application	Zohocorp	Manageengine Opmanager	12.5	125108	All	All
Application	Zohocorp	Manageengine Opmanager	12.5	125110	All	All
Application	Zohocorp	Manageengine Opmanager	12.5	125111	All	All
Application	Zohocorp	Manageengine Opmanager	12.5	125112	All	All
Application	Zohocorp	Manageengine Opmanager	12.5	125113	All	All
Application	Zohocorp	Manageengine Opmanager	12.5	125114	All	All
Application	Zohocorp	Manageengine Opmanager	12.5	125116	All	All
Application	Zohocorp	Manageengine Opmanager	12.5	125117	All	All
Application	Zohocorp	Manageengine Opmanager	12.5	125118	All	All
Application	Zohocorp	Manageengine Opmanager	12.5	125120	All	All
Application	Zohocorp	Manageengine Opmanager	12.5	125121	All	All
Application	Zohocorp	Manageengine Opmanager	12.5	125123	All	All
Application	Zohocorp	Manageengine Opmanager	12.5	125124	All	All
Application	Zohocorp	Manageengine Opmanager	12.5	125125	All	All

Results limited to 20 most recent known configurations