CVE-2022-35404

CVSS v3.1

8.2

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

Name of the Vulnerable Software and Affected Versions ManageEngine Password Manager Pro versions 12100 and prior ManageEngine OPManager versions 126100 and prior

Description The issue allows for unauthorized file and directory creation on a server machine.

Recommendations For ManageEngine Password Manager Pro versions 12100 and prior, update to a version later than 12100 to resolve the issue. For ManageEngine OPManager versions 126100 and prior, update to a version later than 126100 to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2022-35404

Affected Products

Manageengine Opmanager

Manageengine Password Manager Pro

CVE-2022-35404

Weakness Enumeration

Related Identifiers

Affected Products

References · 6