Security Advisory

CVE-2022-29081

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-04-28 19:16:57

Last updated 2024-08-03 06:10:59

Assigner mitre

State PUBLISHED

Description

Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pro before 12007, and PAM360 before 5401 are vulnerable to access-control bypass on a few Rest API URLs (for SSOutAction. SSLAction. LicenseMgr. GetProductDetails. GetDashboard. FetchEvents. and Synchronize) via the ../RestAPI substring.

← Browse all CVEs View on cve.org ↗