Known Vulnerabilities for Manageengine Remote Access Plus by Zohocorp

Listed below are 10 of the newest known vulnerabilities associated with "Manageengine Remote Access Plus" by "Zohocorp".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2021-42955	Zoho Remote Access Plus Server Windows Desktop binary fixed in version 10.1.2132 is affected by an unauthorized password rese...	7.8 - HIGH	2021-11-17	2022-07-12
CVE-2021-42954	Zoho Remote Access Plus Server Windows Desktop Binary fixed from 10.1.2121.1 is affected by incorrect access control. The ins...	7.8 - HIGH	2021-11-17	2022-07-12
CVE-2021-41829	Zoho ManageEngine Remote Access Plus before 10.1.2121.1 relies on the application's build number to calculate a certain encry...	7.5 - HIGH	2021-09-30	2022-07-12
CVE-2021-41828	Zoho ManageEngine Remote Access Plus before 10.1.2121.1 has hardcoded credentials associated with resetPWD.xml.	7.5 - HIGH	2021-09-30	2021-10-05
CVE-2021-41827	Zoho ManageEngine Remote Access Plus before 10.1.2121.1 has hardcoded credentials for read-only access. The credentials are i...	7.5 - HIGH	2021-09-30	2021-10-05
CVE-2020-15589	A design issue was discovered in GetInternetRequestHandle, InternetSendRequestEx and InternetSendRequestByBitrate in the clie...	8.1 - HIGH	2020-10-02	2021-12-06
CVE-2020-8422	An authorization issue was discovered in the Credential Manager feature in Zoho ManageEngine Remote Access Plus before 10.0.4...	4.3 - MEDIUM	2020-01-31	2021-07-21
CVE-2019-20474	An issue was discovered in Zoho ManageEngine Remote Access Plus 10.0.447. The service to test the mail-server configuration s...	4.3 - MEDIUM	2020-02-17	2022-01-01
CVE-2019-16268	Zoho ManageEngine Remote Access Plus 10.0.259 allows HTML injection via the Description field on the Admin - User Administrat...	4.8 - MEDIUM	2021-02-03	2021-07-21
CVE-2019-11361	Zoho ManageEngine Remote Access Plus 10.0.258 does not validate user permissions properly, allowing for privilege escalation ...	8.8 - HIGH	2020-03-19	2020-08-24

Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Zohocorp	Manageengine Remote Access Plus	10.0.476	All	All	All
Application	Zohocorp	Manageengine Remote Access Plus	10.0.473	All	All	All
Application	Zohocorp	Manageengine Remote Access Plus	10.0.472	All	All	All
Application	Zohocorp	Manageengine Remote Access Plus	10.0.469	All	All	All
Application	Zohocorp	Manageengine Remote Access Plus	10.0.468	All	All	All
Application	Zohocorp	Manageengine Remote Access Plus	10.0.466	All	All	All
Application	Zohocorp	Manageengine Remote Access Plus	10.0.465	All	All	All
Application	Zohocorp	Manageengine Remote Access Plus	10.0.454	All	All	All
Application	Zohocorp	Manageengine Remote Access Plus	10.0.453	All	All	All
Application	Zohocorp	Manageengine Remote Access Plus	10.0.452	All	All	All
Application	Zohocorp	Manageengine Remote Access Plus	10.0.451	All	All	All
Application	Zohocorp	Manageengine Remote Access Plus	10.0.450	All	All	All
Application	Zohocorp	Manageengine Remote Access Plus	10.0.448	All	All	All
Application	Zohocorp	Manageengine Remote Access Plus	10.0.447	All	All	All
Application	Zohocorp	Manageengine Remote Access Plus	10.0.440	All	All	All
Application	Zohocorp	Manageengine Remote Access Plus	10.0.436	All	All	All
Application	Zohocorp	Manageengine Remote Access Plus	10.0.435	All	All	All
Application	Zohocorp	Manageengine Remote Access Plus	10.0.434	All	All	All
Application	Zohocorp	Manageengine Remote Access Plus	10.0.433	All	All	All
Application	Zohocorp	Manageengine Remote Access Plus	10.0.432	All	All	All

Results limited to 20 most recent known configurations