Manageengine Pam360 vulnerabilities
3 known vulnerabilities affecting manageengine/pam360.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-5546HIGHCVSS 8.8fixed in 70012024-08-28
CVE-2024-5546 [HIGH] CWE-89 CVE-2024-5546: Zohocorp ManageEngine Password Manager Pro versions before 12431 and ManageEngine PAM360 versions be
Zohocorp ManageEngine Password Manager Pro versions before 12431 and ManageEngine PAM360 versions before 7001 are affected by authenticated SQL Injection vulnerability via a global search option.
cvelistv5nvd
CVE-2024-27313MEDIUMCVSS 4.6≥ 6610, < 66112024-05-29
CVE-2024-27313 [MEDIUM] CWE-79 CVE-2024-27313: Zoho ManageEngine PAM360 is vulnerable to Stored XSS vulnerability. This vulnerability is applicable
Zoho ManageEngine PAM360 is vulnerable to Stored XSS vulnerability. This vulnerability is applicable only in the version 6610.
cvelistv5nvd
CVE-2024-27312HIGHCVSS 8.1≥ 6601, < 66022024-05-20
CVE-2024-27312 [HIGH] CWE-863 CVE-2024-27312: Zohocorp ManageEngine PAM360 version 6601 is vulnerable to authorization vulnerability which allows
Zohocorp ManageEngine PAM360 version 6601 is vulnerable to authorization vulnerability which allows a low-privileged user to perform admin actions.
Note: This vulnerability affects only the PAM360 6600 version. No other versions are applicable to this vulnerability.
cvelistv5nvd