CVE-2022-36923 - Zohocorp Manageengine Opmanager Plus, Zohocorp Manageengine Opmanager Msp and Zohocorp Manageengine Oputils
Critical 7.5
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user's API key, and then access external APIs.
Affected software
Zohocorp Manageengine Opmanager Plus
Zohocorp Manageengine Opmanager Msp
Zohocorp Manageengine Oputils
Zohocorp Manageengine Netflow Analyzer
Zohocorp Manageengine Firewall Analyzer
Zohocorp Manageengine Network Configuration Manager
Zohocorp Manageengine Opmanager