CVE-2015-7765

Name of the Vulnerable Software and Affected Versions ZOHO ManageEngine OpManager versions 11.5 build 11600 and earlier

Description The issue allows remote authenticated users to obtain administrator access by leveraging knowledge of a hardcoded password. The hardcoded password is used for the IntegrationUser account.

Recommendations For ZOHO ManageEngine OpManager versions 11.5 build 11600 and earlier, change the hardcoded password plugin for the IntegrationUser account to a unique and secure password to prevent unauthorized access. As a temporary workaround, consider restricting access to the IntegrationUser account until a secure password is set.