Security Advisory

CVE-2023-2291

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-04-26 00:00:00

Last updated 2025-02-03 17:31:55

Assigner tenable

State PUBLISHED

Description

Static credentials exist in the PostgreSQL data used in ManageEngine Access Manager Plus (AMP) build 4309, ManageEngine Password Manager Pro, and ManageEngine PAM360. These credentials could allow a malicious actor to modify configuration data that would escalate their permissions from that of a low-privileged user to an Administrative user.

← Browse all CVEs View on cve.org ↗