Skip to main content

ManageEngine Password Manager Pro Multiple Vulnerabilities

Release Date: 14 Dec 2023 5084 Views

RISK: Medium Risk

TYPE: Web services - Web Servers

TYPE: Web Servers

Multiple vulnerabilities were identified in ManageEngine Password Manager Pro. A remote attacker could exploit some of these vulnerabilities to trigger data manipulation, cross-site scripting and sensitive information disclosure on the targeted system.


Impact

  • Information Disclosure
  • Data Manipulation
  • Cross-Site Scripting

System / Technologies affected

  • ManageEngine Password Manager Pro prior to version 12.4 (Build-12410)

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

Apply fixes issued by the vendor:

  • Update to version 12.4 (Build-12410) or later

Vulnerability Identifier


Source


Related Link