Zohocorp Manageengine Key Manager Plus — known CVE vulnerabilities
Every CVE whose affected-product data names Zohocorp Manageengine Key Manager Plus, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2019-12133 — CVSS 7.8 (high): Multiple Zoho ManageEngine products suffer from local privilege escalation due to improper permissions for the %SYSTEMDRIVE%\ManageEngine…
CVE-2022-24447 — CVSS 6.5 (medium): An issue was discovered in Zoho ManageEngine Key Manager Plus before 6200. A service exposed by the application allows a user, with the…
CVE-2021-28382 — CVSS 5.4 (medium): Zoho ManageEngine Key Manager Plus before 6001 allows Stored XSS on the user-management page while importing malicious user details from AD.
CVE-2022-24446 — CVSS 4.3 (medium): An issue was discovered in Zoho ManageEngine Key Manager Plus 6.1.6. A user, with the level Operator, can see all SSH servers (and user…