Manageengine_network_configuration_manager - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Manageengine_network_configuration_manager
(Zohocorp)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	14

Date	Id	Summary	Products	Score	Patch	Annotated
2023-08-04	CVE-2023-29505	An issue was discovered in Zoho ManageEngine Network Configuration Manager 12.6.165. The WebSocket endpoint allows Cross-site WebSocket hijacking.	Manageengine_network_configuration_manager	8.8
2023-11-15	CVE-2023-6105	An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database.	Manageengine_access_manager_plus, Manageengine_adaudit_plus, Manageengine_admanager_plus, Manageengine_adselfservice_plus, Manageengine_analytics_plus, Manageengine_appcreator, Manageengine_application_control_plus, Manageengine_assetexplorer, Manageengine_browser_security_plus, Manageengine_cloud_security_plus, Manageengine_datasecurity_plus, Manageengine_device_control_plus, Manageengine_endpoint_central, Manageengine_endpoint_central_msp, Manageengine_endpoint_dlp_plus, Manageengine_exchange_reporter_plus, Manageengine_firewall_analyzer, Manageengine_log360_ueba, Manageengine_m365_manager_plus, Manageengine_m365_security_plus, Manageengine_mobile_device_manager_plus, Manageengine_netflow_analyzer, Manageengine_network_configuration_manager, Manageengine_opmanager, Manageengine_oputils, Manageengine_os_deployer, Manageengine_pam360, Manageengine_password_manager_pro, Manageengine_patch_connect_plus, Manageengine_patch_manager_plus, Manageengine_recoverymanager_plus, Manageengine_remote_access_plus, Manageengine_remote_monitoring_and_management, Manageengine_secure_gateway_server, Manageengine_servicedesk_plus, Manageengine_servicedesk_plus_msp, Manageengine_sharepoint_manager_plus, Manageengine_supportcenter_plus, Manageengine_vulnerability_manager_plus	5.5
2021-11-11	CVE-2021-41080	Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a hardware details search.	Manageengine_network_configuration_manager	9.8
2021-11-11	CVE-2021-41081	Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a configuration search.	Manageengine_network_configuration_manager	9.8