Manageengine Endpoint Central vulnerabilities
4 known vulnerabilities affecting manageengine/endpoint_central.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2024-9097MEDIUMCVSS 4.3fixed in 11.3.2440.092025-02-05
CVE-2024-9097 [LOW] CWE-639 CVE-2024-9097: ManageEngine Endpoint Central versions before 11.3.2440.09 are vulnerable to IDOR vulnerability whic
ManageEngine Endpoint Central versions before 11.3.2440.09 are vulnerable to IDOR vulnerability which allows the attacker to change the username in the chat.
cvelistv5nvd
CVE-2024-10203HIGHCVSS 7.8fixed in 11.3.2416.22fixed in 11.3.2428.102024-11-07
CVE-2024-10203 [HIGH] CWE-269 CVE-2024-10203: Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are vu
Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are vulnerable to Arbitrary File Deletion in the agent installed machines.
cvelistv5nvd
CVE-2024-38868HIGHCVSS 8.3fixed in 11.3.2406.08fixed in 11.3.2400.152024-08-30
CVE-2024-38868 [HIGH] CWE-863 CVE-2024-38868: Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isola
Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isolating the devices.This issue affects Endpoint Central: before 11.3.2406.08 and before 11.3.2400.15
cvelistv5nvd
CVE-2024-38869MEDIUMCVSS 5.4fixed in 11.3.2416.04fixed in 11.3.2400.252024-08-23
CVE-2024-38869 [HIGH] CWE-863 CVE-2024-38869: Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability in remote o
Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability in remote office deploy configurations.This issue affects Endpoint Central: before 11.3.2416.04 and before 11.3.2400.25.
cvelistv5nvd