Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Zoho Remote Access Plus Server Windows Desktop binary fixed in version 10.1.2132 is affected by an unauthorized password reset vulnerability. Because of the designed password reset mechanism, any non-admin Windows user can reset the password of the Remote Access Plus Server Admin account.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L
Vulnerability Type
N/A
Vulnerability Title
ZOHO ManageEngine Remote Access Plus 安全漏洞
Vulnerability Description
ZOHO ManageEngine Remote Access Plus是美国卓豪(ZOHO)公司的一套远程访问解决方案。 ZOHO ManageEngine Remote Access Plus Server 10.1.2132之前版本存在安全漏洞,该漏洞源于未经授权的密码重置机制。攻击者可利用该漏洞重置服务器管理员帐户的密码。
CVSS Information
N/A
Vulnerability Type
N/A