Zohocorp Manageengine_datasecurity_plus
6 CVEs affecting Zohocorp Manageengine_datasecurity_plus. Latest disclosed: 2023-11-15. Critical: 2, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-24786 | Critical | 9.8 | 2020-08-31 | An issue was discovered in Zoho ManageEngine Exchange Reporter Plus before build number 5510, AD360 before build number 4228, ADSelfService Plus before build n… |
CVE-2020-11532 | Critical | 9.8 | 2020-05-08 | Zoho ManageEngine DataSecurity Plus prior to 6.0.1 uses default admin credentials to communicate with a DataEngine Xnode server. This allows an attacker to byp… |
CVE-2020-11531 | High | 8.8 | 2020-05-08 | The DataEngine Xnode Server application in Zoho ManageEngine DataSecurity Plus prior to 6.0.1 does not validate the database schema name when handling a DR-SCH… |
CVE-2023-35785 | High | 8.1 | 2023-08-28 | Zoho ManageEngine Active Directory 360 versions 4315 and below, ADAudit Plus 7202 and below, ADManager Plus 7200 and below, Asset Explorer 6993 and below and 7… |
CVE-2023-6105 | Medium | 5.5 | 2023-11-15 | An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user wit… |
CVE-2019-17112 | Medium | 4.3 | 2019-10-09 | An issue was discovered in Zoho ManageEngine DataSecurity Plus before 5.0.1 5012. An exposed service allows a basic user ("Operator" access level) to access th… |