Zohocorp Manageengine Datasecurity Plus — known CVE vulnerabilities
Every CVE whose affected-product data names Zohocorp Manageengine Datasecurity Plus, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2020-11532 — CVSS 9.8 (critical): Zoho ManageEngine DataSecurity Plus prior to 6.0.1 uses default admin credentials to communicate with a DataEngine Xnode server. This…
CVE-2020-24786 — CVSS 9.8 (critical): An issue was discovered in Zoho ManageEngine Exchange Reporter Plus before build number 5510, AD360 before build number 4228, ADSelfService…
CVE-2020-11531 — CVSS 8.8 (high): The DataEngine Xnode Server application in Zoho ManageEngine DataSecurity Plus prior to 6.0.1 does not validate the database schema name…
CVE-2023-35785 — CVSS 8.1 (high): Zoho ManageEngine Active Directory 360 versions 4315 and below, ADAudit Plus 7202 and below, ADManager Plus 7200 and below, Asset Explorer…
CVE-2023-6105 — CVSS 5.5 (medium): An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A…
CVE-2019-17112 — CVSS 4.3 (medium): An issue was discovered in Zoho ManageEngine DataSecurity Plus before 5.0.1 5012. An exposed service allows a basic user ("Operator" access…