Search criteria
16 vulnerabilities found for manageengine_endpoint_central by zohocorp
CVE-2025-11248 (GCVE-0-2025-11248)
Vulnerability from nvd – Published: 2025-10-27 12:56 – Updated: 2025-10-27 15:07
VLAI?
Title
Sensitive Information Logged
Summary
ZohoCorp ManageEngine Endpoint Central versions prior to 11.4.2528.05 are vulnerable to a sensitive information logging issue. An authenticated user with access to the logs could potentially obtain the sensitive agent token.
Severity ?
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zohocorp | ManageEngine Endpoint Central |
Affected:
0 , < 11.4.2528.05
(11.4.2528.05)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11248",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-27T15:07:12.056495Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-27T15:07:22.584Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ManageEngine Endpoint Central",
"vendor": "Zohocorp",
"versions": [
{
"lessThan": "11.4.2528.05",
"status": "affected",
"version": "0",
"versionType": "11.4.2528.05"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_endpoint_central:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.4.2528.05",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "ZohoCorp ManageEngine Endpoint Central versions prior to \u003cstrong\u003e11.4.2528.05\u003c/strong\u003e are vulnerable to a sensitive information logging issue. An authenticated user with access to the logs could potentially obtain the sensitive agent token.\u003cbr\u003e"
}
],
"value": "ZohoCorp ManageEngine Endpoint Central versions prior to 11.4.2528.05 are vulnerable to a sensitive information logging issue. An authenticated user with access to the logs could potentially obtain the sensitive agent token."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.2,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-27T12:56:35.389Z",
"orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"shortName": "Zohocorp"
},
"references": [
{
"url": "https://www.manageengine.com/products/desktop-central/CVE-2025-11248.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Sensitive Information Logged",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"assignerShortName": "Zohocorp",
"cveId": "CVE-2025-11248",
"datePublished": "2025-10-27T12:56:35.389Z",
"dateReserved": "2025-10-03T05:57:15.206Z",
"dateUpdated": "2025-10-27T15:07:22.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-7473 (GCVE-0-2025-7473)
Vulnerability from nvd – Published: 2025-10-21 10:58 – Updated: 2025-10-21 13:24
VLAI?
Title
XML Injection
Summary
Zohocorp ManageEngine EndPoint Central versions 11.4.2516.1 and prior are vulnerable to XML Injection.
Severity ?
5.2 (Medium)
CWE
- CWE-91 - XML Injection (aka Blind XPath Injection)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zohocorp | Endpoint Central |
Affected:
0 , ≤ 11.4.2516.1
(11.4.2516.1)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7473",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-21T13:24:23.990497Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T13:24:38.046Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Endpoint Central",
"vendor": "Zohocorp",
"versions": [
{
"lessThanOrEqual": "11.4.2516.1",
"status": "affected",
"version": "0",
"versionType": "11.4.2516.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Zohocorp ManageEngine EndPoint Central versions\u0026nbsp;11.4.2516.1 and prior are vulnerable to XML Injection."
}
],
"value": "Zohocorp ManageEngine EndPoint Central versions\u00a011.4.2516.1 and prior are vulnerable to XML Injection."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-91",
"description": "CWE-91 XML Injection (aka Blind XPath Injection)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T10:58:47.949Z",
"orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"shortName": "Zohocorp"
},
"references": [
{
"url": "https://www.manageengine.com/products/desktop-central/parsing-xml-data.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "XML Injection",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"assignerShortName": "Zohocorp",
"cveId": "CVE-2025-7473",
"datePublished": "2025-10-21T10:58:47.949Z",
"dateReserved": "2025-07-11T12:34:38.612Z",
"dateUpdated": "2025-10-21T13:24:38.046Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5496 (GCVE-0-2025-5496)
Vulnerability from nvd – Published: 2025-10-21 10:04 – Updated: 2025-10-21 13:31
VLAI?
Title
Arbitrary File Deletion
Summary
ZohoCorp ManageEngine Endpoint Central versions earlier than 11.4.2508.14, 11.4.2516.06, and 11.4.2518.01 are affected by an arbitrary file deletion vulnerability in the agent setup component.
Severity ?
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zohocorp | Endpoint Central |
Affected:
0 , < 11.4.2508.14
(11.4.2518.01)
Affected: 0 , < 11.4.2516.06 (11.4.2508.14) Affected: 0 , < 11.4.2518.01 (11.4.2508.14) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5496",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-21T13:31:09.600760Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T13:31:28.145Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Endpoint Central",
"vendor": "Zohocorp",
"versions": [
{
"lessThan": "11.4.2508.14",
"status": "affected",
"version": "0",
"versionType": "11.4.2518.01"
},
{
"lessThan": "11.4.2516.06",
"status": "affected",
"version": "0",
"versionType": "11.4.2508.14"
},
{
"lessThan": "11.4.2518.01",
"status": "affected",
"version": "0",
"versionType": "11.4.2508.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "ZohoCorp ManageEngine Endpoint Central versions earlier than 11.4.2508.14, 11.4.2516.06, and 11.4.2518.01 are affected by an arbitrary file deletion vulnerability in the agent setup component.\u003cbr\u003e"
}
],
"value": "ZohoCorp ManageEngine Endpoint Central versions earlier than 11.4.2508.14, 11.4.2516.06, and 11.4.2518.01 are affected by an arbitrary file deletion vulnerability in the agent setup component."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T10:04:08.316Z",
"orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"shortName": "Zohocorp"
},
"references": [
{
"url": "https://www.manageengine.com/products/desktop-central/kb/arbitrary-file-deletion-allows-local-privilege-escalation.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Arbitrary File Deletion",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"assignerShortName": "Zohocorp",
"cveId": "CVE-2025-5496",
"datePublished": "2025-10-21T10:04:08.316Z",
"dateReserved": "2025-06-03T05:05:29.333Z",
"dateUpdated": "2025-10-21T13:31:28.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5494 (GCVE-0-2025-5494)
Vulnerability from nvd – Published: 2025-09-25 13:11 – Updated: 2025-09-25 15:15
VLAI?
Title
Privilege Escalation
Summary
ZohoCorp ManageEngine Endpoint Central was impacted by an improper privilege management issue in the agent setup.
This issue affects Endpoint Central: through 11.4.2500.25, through 11.4.2508.13.
Severity ?
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zohocorp | Endpoint Central |
Affected:
0 , ≤ 11.4.2500.25
(11.4.2500.25)
Affected: 0 , ≤ 11.4.2508.13 (11.4.2508.13) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5494",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-25T15:15:12.267361Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T15:15:34.354Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Endpoint Central",
"vendor": "Zohocorp",
"versions": [
{
"lessThanOrEqual": "11.4.2500.25",
"status": "affected",
"version": "0",
"versionType": "11.4.2500.25"
},
{
"lessThanOrEqual": "11.4.2508.13",
"status": "affected",
"version": "0",
"versionType": "11.4.2508.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eZohoCorp ManageEngine Endpoint Central was impacted by an improper privilege management issue in the agent setup.\u003c/p\u003e\u003cp\u003eThis issue affects Endpoint Central: through 11.4.2500.25, through 11.4.2508.13.\u003c/p\u003e"
}
],
"value": "ZohoCorp ManageEngine Endpoint Central was impacted by an improper privilege management issue in the agent setup.\n\nThis issue affects Endpoint Central: through 11.4.2500.25, through 11.4.2508.13."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T13:11:49.423Z",
"orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"shortName": "Zohocorp"
},
"references": [
{
"url": "https://www.manageengine.com/products/desktop-central/privilege-escalation-endpointcentral-agent.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Privilege Escalation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"assignerShortName": "Zohocorp",
"cveId": "CVE-2025-5494",
"datePublished": "2025-09-25T13:11:49.423Z",
"dateReserved": "2025-06-03T04:57:16.858Z",
"dateUpdated": "2025-09-25T15:15:34.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9097 (GCVE-0-2024-9097)
Vulnerability from nvd – Published: 2025-02-05 12:40 – Updated: 2025-02-12 20:51
VLAI?
Title
IDOR
Summary
ManageEngine Endpoint Central versions before 11.3.2440.09 are vulnerable to IDOR vulnerability which allows the attacker to change the username in the chat.
Severity ?
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ManageEngine | Endpoint Central |
Affected:
0 , < 11.3.2440.09
(11.3.2440.09)
|
Credits
Vishnu Das from Temenos
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9097",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T13:56:34.454181Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:51:30.048Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.manageengine.com/products/desktop-central/",
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Endpoint Central",
"vendor": "ManageEngine",
"versions": [
{
"lessThan": "11.3.2440.09",
"status": "affected",
"version": "0",
"versionType": "11.3.2440.09"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Vishnu Das from Temenos"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "ManageEngine Endpoint Central versions before\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e11.3.2440.09 are vulnerable to IDOR vulnerability which allows the attacker to change the username in the chat.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "ManageEngine Endpoint Central versions before\u00a011.3.2440.09 are vulnerable to IDOR vulnerability which allows the attacker to change the username in the chat."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T12:40:15.257Z",
"orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"shortName": "ManageEngine"
},
"references": [
{
"url": "https://www.manageengine.com/products/desktop-central/cve-2024-9097.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "IDOR",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"assignerShortName": "ManageEngine",
"cveId": "CVE-2024-9097",
"datePublished": "2025-02-05T12:40:15.257Z",
"dateReserved": "2024-09-23T04:18:05.868Z",
"dateUpdated": "2025-02-12T20:51:30.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10203 (GCVE-0-2024-10203)
Vulnerability from nvd – Published: 2024-11-07 09:20 – Updated: 2024-11-07 14:27
VLAI?
Title
Agent Arbitrary File Deletion
Summary
Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are vulnerable to Arbitrary File Deletion in the agent installed machines.
Severity ?
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ManageEngine | EndPoint Central |
Affected:
0 , < 11.3.2416.22
(11.3.2416.21)
Affected: 0 , < 11.3.2428.10 (11.3.2416.22) |
Credits
Brenden Meeder
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:zohocorp:manageengine_endpoint_central:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "manageengine_endpoint_central",
"vendor": "zohocorp",
"versions": [
{
"lessThan": "11.3.2416.22",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.3.2428.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-10203",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T14:14:19.663318Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T14:27:15.677Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EndPoint Central",
"vendor": "ManageEngine",
"versions": [
{
"lessThan": "11.3.2416.22",
"status": "affected",
"version": "0",
"versionType": "11.3.2416.21"
},
{
"lessThan": "11.3.2428.10",
"status": "affected",
"version": "0",
"versionType": "11.3.2416.22"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Brenden Meeder"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are vulnerable to Arbitrary File Deletion in the agent installed machines.\u003cbr\u003e"
}
],
"value": "Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are vulnerable to Arbitrary File Deletion in the agent installed machines."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T09:20:07.450Z",
"orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"shortName": "ManageEngine"
},
"references": [
{
"url": "https://www.manageengine.com/products/desktop-central/cve-2024-10203.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Agent Arbitrary File Deletion",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"assignerShortName": "ManageEngine",
"cveId": "CVE-2024-10203",
"datePublished": "2024-11-07T09:20:07.450Z",
"dateReserved": "2024-10-21T04:28:34.057Z",
"dateUpdated": "2024-11-07T14:27:15.677Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38868 (GCVE-0-2024-38868)
Vulnerability from nvd – Published: 2024-08-30 17:44 – Updated: 2024-08-30 17:59
VLAI?
Title
Incorrect Authorization
Summary
Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isolating the devices.This issue affects Endpoint Central: before 11.3.2406.08 and before 11.3.2400.15
Severity ?
7.6 (High)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ManageEngine | Endpoint Central |
Affected:
0 , < 11.3.2406.08
(11.3.2416.04)
Affected: 0 , < 11.3.2400.15 (11.3.2400.25) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38868",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T17:59:35.976253Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T17:59:41.602Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.manageengine.com/?pos=EndpointCentral",
"defaultStatus": "unaffected",
"product": "Endpoint Central",
"vendor": "ManageEngine",
"versions": [
{
"lessThan": "11.3.2406.08",
"status": "affected",
"version": "0",
"versionType": "11.3.2416.04"
},
{
"lessThan": "11.3.2400.15",
"status": "affected",
"version": "0",
"versionType": "11.3.2400.25"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Zohocorp ManageEngine Endpoint Central affected by\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIncorrect authorization vulnerability while isolating the devices.\u003c/span\u003e\u003cp\u003eThis issue affects Endpoint Central: before 11.3.2406.08 and before 11.3.2400.15\u003c/p\u003e"
}
],
"value": "Zohocorp ManageEngine Endpoint Central affected by\u00a0Incorrect authorization vulnerability while isolating the devices.This issue affects Endpoint Central: before 11.3.2406.08 and before 11.3.2400.15"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T17:44:38.932Z",
"orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"shortName": "ManageEngine"
},
"references": [
{
"url": "https://www.manageengine.com/products/desktop-central/security-updates-ngav.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Incorrect Authorization",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"assignerShortName": "ManageEngine",
"cveId": "CVE-2024-38868",
"datePublished": "2024-08-30T17:44:38.932Z",
"dateReserved": "2024-06-20T13:15:39.620Z",
"dateUpdated": "2024-08-30T17:59:41.602Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6105 (GCVE-0-2023-6105)
Vulnerability from nvd – Published: 2023-11-15 20:57 – Updated: 2025-02-13 17:26
VLAI?
Title
ManageEngine Information Disclosure in Multiple Products
Summary
An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database.
Severity ?
5.5 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ManageEngine | Service Desk Plus |
Affected:
0 , < 14304
(custom)
|
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:21:17.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2023-35"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.manageengine.com/security/advisory/CVE/CVE-2023-6105.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Service Desk Plus",
"vendor": "ManageEngine",
"versions": [
{
"lessThan": "14304",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Asset Explorer",
"vendor": "ManageEngine",
"versions": [
{
"lessThan": "7004",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Access Manager Plus",
"vendor": "ManageEngine",
"versions": [
{
"lessThan": "14304",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database.\u003cbr\u003e"
}
],
"value": "An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database."
}
],
"impacts": [
{
"capecId": "CAPEC-176",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-176 Configuration/Environment Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-26T19:58:04.015Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"url": "https://www.tenable.com/security/research/tra-2023-35"
},
{
"url": "https://www.manageengine.com/security/advisory/CVE/CVE-2023-6105.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "ManageEngine Information Disclosure in Multiple Products",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2023-6105",
"datePublished": "2023-11-15T20:57:47.981Z",
"dateReserved": "2023-11-13T15:10:28.339Z",
"dateUpdated": "2025-02-13T17:26:03.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-11248 (GCVE-0-2025-11248)
Vulnerability from cvelistv5 – Published: 2025-10-27 12:56 – Updated: 2025-10-27 15:07
VLAI?
Title
Sensitive Information Logged
Summary
ZohoCorp ManageEngine Endpoint Central versions prior to 11.4.2528.05 are vulnerable to a sensitive information logging issue. An authenticated user with access to the logs could potentially obtain the sensitive agent token.
Severity ?
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zohocorp | ManageEngine Endpoint Central |
Affected:
0 , < 11.4.2528.05
(11.4.2528.05)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11248",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-27T15:07:12.056495Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-27T15:07:22.584Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ManageEngine Endpoint Central",
"vendor": "Zohocorp",
"versions": [
{
"lessThan": "11.4.2528.05",
"status": "affected",
"version": "0",
"versionType": "11.4.2528.05"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_endpoint_central:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.4.2528.05",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "ZohoCorp ManageEngine Endpoint Central versions prior to \u003cstrong\u003e11.4.2528.05\u003c/strong\u003e are vulnerable to a sensitive information logging issue. An authenticated user with access to the logs could potentially obtain the sensitive agent token.\u003cbr\u003e"
}
],
"value": "ZohoCorp ManageEngine Endpoint Central versions prior to 11.4.2528.05 are vulnerable to a sensitive information logging issue. An authenticated user with access to the logs could potentially obtain the sensitive agent token."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.2,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-27T12:56:35.389Z",
"orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"shortName": "Zohocorp"
},
"references": [
{
"url": "https://www.manageengine.com/products/desktop-central/CVE-2025-11248.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Sensitive Information Logged",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"assignerShortName": "Zohocorp",
"cveId": "CVE-2025-11248",
"datePublished": "2025-10-27T12:56:35.389Z",
"dateReserved": "2025-10-03T05:57:15.206Z",
"dateUpdated": "2025-10-27T15:07:22.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-7473 (GCVE-0-2025-7473)
Vulnerability from cvelistv5 – Published: 2025-10-21 10:58 – Updated: 2025-10-21 13:24
VLAI?
Title
XML Injection
Summary
Zohocorp ManageEngine EndPoint Central versions 11.4.2516.1 and prior are vulnerable to XML Injection.
Severity ?
5.2 (Medium)
CWE
- CWE-91 - XML Injection (aka Blind XPath Injection)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zohocorp | Endpoint Central |
Affected:
0 , ≤ 11.4.2516.1
(11.4.2516.1)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7473",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-21T13:24:23.990497Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T13:24:38.046Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Endpoint Central",
"vendor": "Zohocorp",
"versions": [
{
"lessThanOrEqual": "11.4.2516.1",
"status": "affected",
"version": "0",
"versionType": "11.4.2516.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Zohocorp ManageEngine EndPoint Central versions\u0026nbsp;11.4.2516.1 and prior are vulnerable to XML Injection."
}
],
"value": "Zohocorp ManageEngine EndPoint Central versions\u00a011.4.2516.1 and prior are vulnerable to XML Injection."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-91",
"description": "CWE-91 XML Injection (aka Blind XPath Injection)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T10:58:47.949Z",
"orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"shortName": "Zohocorp"
},
"references": [
{
"url": "https://www.manageengine.com/products/desktop-central/parsing-xml-data.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "XML Injection",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"assignerShortName": "Zohocorp",
"cveId": "CVE-2025-7473",
"datePublished": "2025-10-21T10:58:47.949Z",
"dateReserved": "2025-07-11T12:34:38.612Z",
"dateUpdated": "2025-10-21T13:24:38.046Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5496 (GCVE-0-2025-5496)
Vulnerability from cvelistv5 – Published: 2025-10-21 10:04 – Updated: 2025-10-21 13:31
VLAI?
Title
Arbitrary File Deletion
Summary
ZohoCorp ManageEngine Endpoint Central versions earlier than 11.4.2508.14, 11.4.2516.06, and 11.4.2518.01 are affected by an arbitrary file deletion vulnerability in the agent setup component.
Severity ?
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zohocorp | Endpoint Central |
Affected:
0 , < 11.4.2508.14
(11.4.2518.01)
Affected: 0 , < 11.4.2516.06 (11.4.2508.14) Affected: 0 , < 11.4.2518.01 (11.4.2508.14) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5496",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-21T13:31:09.600760Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T13:31:28.145Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Endpoint Central",
"vendor": "Zohocorp",
"versions": [
{
"lessThan": "11.4.2508.14",
"status": "affected",
"version": "0",
"versionType": "11.4.2518.01"
},
{
"lessThan": "11.4.2516.06",
"status": "affected",
"version": "0",
"versionType": "11.4.2508.14"
},
{
"lessThan": "11.4.2518.01",
"status": "affected",
"version": "0",
"versionType": "11.4.2508.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "ZohoCorp ManageEngine Endpoint Central versions earlier than 11.4.2508.14, 11.4.2516.06, and 11.4.2518.01 are affected by an arbitrary file deletion vulnerability in the agent setup component.\u003cbr\u003e"
}
],
"value": "ZohoCorp ManageEngine Endpoint Central versions earlier than 11.4.2508.14, 11.4.2516.06, and 11.4.2518.01 are affected by an arbitrary file deletion vulnerability in the agent setup component."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T10:04:08.316Z",
"orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"shortName": "Zohocorp"
},
"references": [
{
"url": "https://www.manageengine.com/products/desktop-central/kb/arbitrary-file-deletion-allows-local-privilege-escalation.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Arbitrary File Deletion",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"assignerShortName": "Zohocorp",
"cveId": "CVE-2025-5496",
"datePublished": "2025-10-21T10:04:08.316Z",
"dateReserved": "2025-06-03T05:05:29.333Z",
"dateUpdated": "2025-10-21T13:31:28.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5494 (GCVE-0-2025-5494)
Vulnerability from cvelistv5 – Published: 2025-09-25 13:11 – Updated: 2025-09-25 15:15
VLAI?
Title
Privilege Escalation
Summary
ZohoCorp ManageEngine Endpoint Central was impacted by an improper privilege management issue in the agent setup.
This issue affects Endpoint Central: through 11.4.2500.25, through 11.4.2508.13.
Severity ?
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zohocorp | Endpoint Central |
Affected:
0 , ≤ 11.4.2500.25
(11.4.2500.25)
Affected: 0 , ≤ 11.4.2508.13 (11.4.2508.13) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5494",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-25T15:15:12.267361Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T15:15:34.354Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Endpoint Central",
"vendor": "Zohocorp",
"versions": [
{
"lessThanOrEqual": "11.4.2500.25",
"status": "affected",
"version": "0",
"versionType": "11.4.2500.25"
},
{
"lessThanOrEqual": "11.4.2508.13",
"status": "affected",
"version": "0",
"versionType": "11.4.2508.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eZohoCorp ManageEngine Endpoint Central was impacted by an improper privilege management issue in the agent setup.\u003c/p\u003e\u003cp\u003eThis issue affects Endpoint Central: through 11.4.2500.25, through 11.4.2508.13.\u003c/p\u003e"
}
],
"value": "ZohoCorp ManageEngine Endpoint Central was impacted by an improper privilege management issue in the agent setup.\n\nThis issue affects Endpoint Central: through 11.4.2500.25, through 11.4.2508.13."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T13:11:49.423Z",
"orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"shortName": "Zohocorp"
},
"references": [
{
"url": "https://www.manageengine.com/products/desktop-central/privilege-escalation-endpointcentral-agent.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Privilege Escalation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"assignerShortName": "Zohocorp",
"cveId": "CVE-2025-5494",
"datePublished": "2025-09-25T13:11:49.423Z",
"dateReserved": "2025-06-03T04:57:16.858Z",
"dateUpdated": "2025-09-25T15:15:34.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9097 (GCVE-0-2024-9097)
Vulnerability from cvelistv5 – Published: 2025-02-05 12:40 – Updated: 2025-02-12 20:51
VLAI?
Title
IDOR
Summary
ManageEngine Endpoint Central versions before 11.3.2440.09 are vulnerable to IDOR vulnerability which allows the attacker to change the username in the chat.
Severity ?
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ManageEngine | Endpoint Central |
Affected:
0 , < 11.3.2440.09
(11.3.2440.09)
|
Credits
Vishnu Das from Temenos
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9097",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T13:56:34.454181Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:51:30.048Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.manageengine.com/products/desktop-central/",
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Endpoint Central",
"vendor": "ManageEngine",
"versions": [
{
"lessThan": "11.3.2440.09",
"status": "affected",
"version": "0",
"versionType": "11.3.2440.09"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Vishnu Das from Temenos"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "ManageEngine Endpoint Central versions before\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e11.3.2440.09 are vulnerable to IDOR vulnerability which allows the attacker to change the username in the chat.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "ManageEngine Endpoint Central versions before\u00a011.3.2440.09 are vulnerable to IDOR vulnerability which allows the attacker to change the username in the chat."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T12:40:15.257Z",
"orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"shortName": "ManageEngine"
},
"references": [
{
"url": "https://www.manageengine.com/products/desktop-central/cve-2024-9097.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "IDOR",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"assignerShortName": "ManageEngine",
"cveId": "CVE-2024-9097",
"datePublished": "2025-02-05T12:40:15.257Z",
"dateReserved": "2024-09-23T04:18:05.868Z",
"dateUpdated": "2025-02-12T20:51:30.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10203 (GCVE-0-2024-10203)
Vulnerability from cvelistv5 – Published: 2024-11-07 09:20 – Updated: 2024-11-07 14:27
VLAI?
Title
Agent Arbitrary File Deletion
Summary
Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are vulnerable to Arbitrary File Deletion in the agent installed machines.
Severity ?
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ManageEngine | EndPoint Central |
Affected:
0 , < 11.3.2416.22
(11.3.2416.21)
Affected: 0 , < 11.3.2428.10 (11.3.2416.22) |
Credits
Brenden Meeder
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:zohocorp:manageengine_endpoint_central:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "manageengine_endpoint_central",
"vendor": "zohocorp",
"versions": [
{
"lessThan": "11.3.2416.22",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.3.2428.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-10203",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T14:14:19.663318Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T14:27:15.677Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EndPoint Central",
"vendor": "ManageEngine",
"versions": [
{
"lessThan": "11.3.2416.22",
"status": "affected",
"version": "0",
"versionType": "11.3.2416.21"
},
{
"lessThan": "11.3.2428.10",
"status": "affected",
"version": "0",
"versionType": "11.3.2416.22"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Brenden Meeder"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are vulnerable to Arbitrary File Deletion in the agent installed machines.\u003cbr\u003e"
}
],
"value": "Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are vulnerable to Arbitrary File Deletion in the agent installed machines."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T09:20:07.450Z",
"orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"shortName": "ManageEngine"
},
"references": [
{
"url": "https://www.manageengine.com/products/desktop-central/cve-2024-10203.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Agent Arbitrary File Deletion",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"assignerShortName": "ManageEngine",
"cveId": "CVE-2024-10203",
"datePublished": "2024-11-07T09:20:07.450Z",
"dateReserved": "2024-10-21T04:28:34.057Z",
"dateUpdated": "2024-11-07T14:27:15.677Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38868 (GCVE-0-2024-38868)
Vulnerability from cvelistv5 – Published: 2024-08-30 17:44 – Updated: 2024-08-30 17:59
VLAI?
Title
Incorrect Authorization
Summary
Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isolating the devices.This issue affects Endpoint Central: before 11.3.2406.08 and before 11.3.2400.15
Severity ?
7.6 (High)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ManageEngine | Endpoint Central |
Affected:
0 , < 11.3.2406.08
(11.3.2416.04)
Affected: 0 , < 11.3.2400.15 (11.3.2400.25) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38868",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T17:59:35.976253Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T17:59:41.602Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.manageengine.com/?pos=EndpointCentral",
"defaultStatus": "unaffected",
"product": "Endpoint Central",
"vendor": "ManageEngine",
"versions": [
{
"lessThan": "11.3.2406.08",
"status": "affected",
"version": "0",
"versionType": "11.3.2416.04"
},
{
"lessThan": "11.3.2400.15",
"status": "affected",
"version": "0",
"versionType": "11.3.2400.25"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Zohocorp ManageEngine Endpoint Central affected by\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIncorrect authorization vulnerability while isolating the devices.\u003c/span\u003e\u003cp\u003eThis issue affects Endpoint Central: before 11.3.2406.08 and before 11.3.2400.15\u003c/p\u003e"
}
],
"value": "Zohocorp ManageEngine Endpoint Central affected by\u00a0Incorrect authorization vulnerability while isolating the devices.This issue affects Endpoint Central: before 11.3.2406.08 and before 11.3.2400.15"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T17:44:38.932Z",
"orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"shortName": "ManageEngine"
},
"references": [
{
"url": "https://www.manageengine.com/products/desktop-central/security-updates-ngav.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Incorrect Authorization",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"assignerShortName": "ManageEngine",
"cveId": "CVE-2024-38868",
"datePublished": "2024-08-30T17:44:38.932Z",
"dateReserved": "2024-06-20T13:15:39.620Z",
"dateUpdated": "2024-08-30T17:59:41.602Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6105 (GCVE-0-2023-6105)
Vulnerability from cvelistv5 – Published: 2023-11-15 20:57 – Updated: 2025-02-13 17:26
VLAI?
Title
ManageEngine Information Disclosure in Multiple Products
Summary
An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database.
Severity ?
5.5 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ManageEngine | Service Desk Plus |
Affected:
0 , < 14304
(custom)
|
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:21:17.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2023-35"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.manageengine.com/security/advisory/CVE/CVE-2023-6105.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Service Desk Plus",
"vendor": "ManageEngine",
"versions": [
{
"lessThan": "14304",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Asset Explorer",
"vendor": "ManageEngine",
"versions": [
{
"lessThan": "7004",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Access Manager Plus",
"vendor": "ManageEngine",
"versions": [
{
"lessThan": "14304",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database.\u003cbr\u003e"
}
],
"value": "An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database."
}
],
"impacts": [
{
"capecId": "CAPEC-176",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-176 Configuration/Environment Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-26T19:58:04.015Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"url": "https://www.tenable.com/security/research/tra-2023-35"
},
{
"url": "https://www.manageengine.com/security/advisory/CVE/CVE-2023-6105.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "ManageEngine Information Disclosure in Multiple Products",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2023-6105",
"datePublished": "2023-11-15T20:57:47.981Z",
"dateReserved": "2023-11-13T15:10:28.339Z",
"dateUpdated": "2025-02-13T17:26:03.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}