漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
ManageEngine Applications Manager 12 and 13 is vulnerable to privilege escalation and authentication bypass
Vulnerability Description
In ManageEngine Applications Manager 12 and 13 before build 13200, an authenticated user is able to alter all of their own properties, including own group, i.e. changing their group to one with higher privileges like "ADMIN". A user is also able to change properties of another user, e.g. change another user's password.
CVSS Information
N/A
Vulnerability Type
特权管理不恰当
Vulnerability Title
ZOHO ManageEngine Applications Manager 信任管理漏洞
Vulnerability Description
ZOHO ManageEngine Applications Manager是美国卓豪(ZOHO)公司的一套应用性能监控软件。该软件可对不同的业务系统、应用和网络服务(如服务器、操作系统等)进行远程监控和管理。 ZOHO ManageEngine Applications Manager 12版本和13版本中存在信任管理漏洞。远程攻击者可利用该漏洞获取权限。
CVSS Information
N/A
Vulnerability Type
N/A