Описание
Zohocorp ManageEngine ADManager Plus versions before 8025 are vulnerable to NTLM Hash Exposure. This vulnerability is exploitable only by technicians who have the “Impersonate as Admin” option enabled.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 8.0 (исключая)
Одно из
cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:8.0:8000:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:8.0:8001:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:8.0:8002:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:8.0:8010:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:8.0:8011:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:8.0:8012:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:8.0:8020:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:8.0:8021:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:8.0:8022:*:*:*:*:*:*
EPSS
Процентиль: 9%
0.00033
Низкий
6.4 Medium
CVSS3
4.3 Medium
CVSS3
Дефекты
CWE-200
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 6.4
github
около 2 месяцев назад
Zohocorp ManageEngine ADManager Plus versions before 8025 are vulnerable to NTLM Hash Exposure. This vulnerability is exploitable only by technicians who have the “Impersonate as Admin” option enabled.
EPSS
Процентиль: 9%
0.00033
Низкий
6.4 Medium
CVSS3
4.3 Medium
CVSS3
Дефекты
CWE-200
NVD-CWE-noinfo