Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Zoho ManageEngine Key Manager Plus 6.1.6. A user, with the level Operator, can see all SSH servers (and user information) even if no SSH server or user is associated to the operator.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ZOHO ManageEngine Key Manager Plus 安全漏洞
Vulnerability Description
ZOHO ManageEngine Key Manager Plus是卓豪(ZOHO)公司的一套基于WEB的SSH秘钥管理解决方案,它可以帮助您加固、控制、管理、监控及审计SSH秘钥,跨越秘钥的整个生命周期。它为管理员提供了可视化的SSH管理能力,帮助管理员有效控制秘钥文件的合理使用以及秘钥文件的合规性。 Zoho ManageEngine Key Manager Plus 6.1.6版本存在安全漏洞,该漏洞源于级别为Operator的用户可以查看所有SSH服务器(和用户信息)。
CVSS Information
N/A
Vulnerability Type
N/A