PT-2022-16595 · Zoho · Zoho Manageengine Sharepoint Manager Plus
Sahil Dhar
·
Published
2022-03-02
·
Updated
2022-03-09
·
CVE-2022-24306
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Zoho ManageEngine SharePoint Manager Plus versions prior to 4329
Description
The issue is related to authorization being mishandled, which allows for account takeover.
Recommendations
For versions prior to 4329, update to version 4329 or later to resolve the issue.
Fix
Incorrect Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Zoho Manageengine Sharepoint Manager Plus