Manageengine_network_configuration_manager - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Manageengine_network_configuration_manager
(Zohocorp)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	14

Date	Id	Summary	Products	Score	Patch	Annotated
2023-11-15	CVE-2023-6105	An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database.	Manageengine_access_manager_plus, Manageengine_adaudit_plus, Manageengine_admanager_plus, Manageengine_adselfservice_plus, Manageengine_analytics_plus, Manageengine_appcreator, Manageengine_application_control_plus, Manageengine_assetexplorer, Manageengine_browser_security_plus, Manageengine_cloud_security_plus, Manageengine_datasecurity_plus, Manageengine_device_control_plus, Manageengine_endpoint_central, Manageengine_endpoint_central_msp, Manageengine_endpoint_dlp_plus, Manageengine_exchange_reporter_plus, Manageengine_firewall_analyzer, Manageengine_log360_ueba, Manageengine_m365_manager_plus, Manageengine_m365_security_plus, Manageengine_mobile_device_manager_plus, Manageengine_netflow_analyzer, Manageengine_network_configuration_manager, Manageengine_opmanager, Manageengine_oputils, Manageengine_os_deployer, Manageengine_pam360, Manageengine_password_manager_pro, Manageengine_patch_connect_plus, Manageengine_patch_manager_plus, Manageengine_recoverymanager_plus, Manageengine_remote_access_plus, Manageengine_remote_monitoring_and_management, Manageengine_secure_gateway_server, Manageengine_servicedesk_plus, Manageengine_servicedesk_plus_msp, Manageengine_sharepoint_manager_plus, Manageengine_supportcenter_plus, Manageengine_vulnerability_manager_plus	5.5
2021-11-11	CVE-2021-41080	Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a hardware details search.	Manageengine_network_configuration_manager	9.8
2021-11-11	CVE-2021-41081	Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a configuration search.	Manageengine_network_configuration_manager	9.8
2021-11-30	CVE-2021-43319	Zoho ManageEngine Network Configuration Manager before 125488 is vulnerable to command injection due to improper validation in the Ping functionality.	Manageengine_network_configuration_manager	9.8