CVE-2024-36037 — Incorrect Authorization in Adaudit Plus

Severity

5.5MEDIUMNVD

EPSS

0.1%

top 70.99%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedMay 27

Description

Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session recordings.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

CVEList

Insufficient Access Control Vulnerability↗2024-05-27

▶