Skip to main content

ManageEngine Password Manager Pro Multiple Vulnerabilities

Release Date: 13 May 2024 2565 Views

RISK: Medium Risk

TYPE: Web services - Web Servers

TYPE: Web Servers

Multiple vulnerabilities were identified in ManageEngine Password Manager Pro. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, sensitive information disclosure, cross-site scripting and security restriction bypass on the targeted system.


Impact

  • Information Disclosure
  • Elevation of Privilege
  • Cross-Site Scripting
  • Security Restriction Bypass

System / Technologies affected

  • ManageEngine Password Manager Pro prior to version 12.4 (Build-12430)

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

Apply fixes issued by the vendor:

  • Update to version 12.4 (Build-12430) or later

Vulnerability Identifier

  • No CVE information is available

Source


Related Link