What is CVE-2022-29081?

CVE-2022-29081 is a vulnerability in N/a. Published 2022-04-28.

Is CVE-2022-29081 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2022-29081

Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pro before 12007, and PAM360 before 5401 are vulnerable to access-control bypass on a few Rest API URLs (for SSOutAction. SSLAction. LicenseMgr. GetProductDetails. GetDash…

EPSS: 0.880 (99.5th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

20142995/nuclei-templates
cyb3r-w0lf/nuclei-template-collection

References

www.tenable.com/security/research/tra-2022-14 (x_refsource_MISC)
www.manageengine.com/privileged-session-management/advisory/cve-2022-29081.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-29081?: CVE-2022-29081 is a vulnerability in N/a. Published 2022-04-28.
Is CVE-2022-29081 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.