ZDI-22-1119 - Zohocorp Manageengine Opmanager Plus, Zohocorp Manageengine Opmanager Msp and Zohocorp Manageengine Oputils

August 18, 2022

Critical 9.8

This vulnerability allows remote attackers to bypass authentication on affected installations of ManageEngine Network Configuration Manager. Authentication is not required to exploit this vulnerability.

Affected software

Zohocorp Manageengine Opmanager Plus

Zohocorp Manageengine Opmanager Msp

Zohocorp Manageengine Oputils

Zohocorp Manageengine Netflow Analyzer

Zohocorp Manageengine Firewall Analyzer

Zohocorp Manageengine Network Configuration Manager

Zohocorp Manageengine Opmanager

Reference links

https://www.manageengine.com/itom/advisory/cve-2022-36923.html
http://www.zerodayinitiative.com/advisories/ZDI-22-1119/

ZDI-22-1119 - Zohocorp Manageengine Opmanager Plus, Zohocorp Manageengine Opmanager Msp and Zohocorp Manageengine Oputils

Affected software

Reference links

Get alerted to vulnerabilities in your software