Zohocorp Manageengine_endpoint_central
8 CVEs affecting Zohocorp Manageengine_endpoint_central. Latest disclosed: 2025-10-27. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-38868 | High | 7.6 | 2024-08-30 | Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isolating the devices.This issue affects Endpoint Central: befor… |
CVE-2024-10203 | High | 7.0 | 2024-11-07 | Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are vulnerable to Arbitrary File Deletion in the agent installed… |
CVE-2023-6105 | Medium | 5.5 | 2023-11-15 | An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user wit… |
CVE-2025-7473 | Medium | 5.2 | 2025-10-21 | Zohocorp ManageEngine EndPoint Central versions 11.4.2516.1 and prior are vulnerable to XML Injection. |
CVE-2025-5494 | Low | 3.9 | 2025-09-25 | ZohoCorp ManageEngine Endpoint Central was impacted by an improper privilege management issue in the agent setup. This issue affects Endpoint Central: through… |
CVE-2024-9097 | Low | 3.5 | 2025-02-05 | ManageEngine Endpoint Central versions before 11.3.2440.09 are vulnerable to IDOR vulnerability which allows the attacker to change the username in the chat. |
CVE-2025-5496 | Low | 3.3 | 2025-10-21 | ZohoCorp ManageEngine Endpoint Central versions earlier than 11.4.2508.14, 11.4.2516.06, and 11.4.2518.01 are affected by an arbitrary file deletion vulnerabil… |
CVE-2025-11248 | Low | 3.2 | 2025-10-27 | ZohoCorp ManageEngine Endpoint Central versions prior to 11.4.2528.05 are vulnerable to a sensitive information logging issue. An authenticated user with acces… |