Skip to main content

ManageEngine Password Manager Pro Multiple Vulnerabilities

Release Date: 4 Mar 2024 1737 Views

RISK: Medium Risk

TYPE: Web services - Web Servers

TYPE: Web Servers

Multiple vulnerabilities were identified in ManageEngine Password Manager Pro. A remote attacker could exploit some of these vulnerabilities to trigger security restriction bypass, data manipulation, cross-site scripting and sensitive information disclosure on the targeted system.


Impact

  • Information Disclosure
  • Data Manipulation
  • Cross-Site Scripting
  • Security Restriction Bypass

System / Technologies affected

  • ManageEngine Password Manager Pro prior to version 12.4 (Build-12420)

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

Apply fixes issued by the vendor:

  • Update to version 12.4 (Build-12420) or later

Vulnerability Identifier


Source


Related Link