Manageengine opmanager
This hub aggregates every CVE we track for Manageengine opmanager, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
54
CVEs tracked
20
Critical
22
High
0
In CISA KEV
Severity distribution
HIGH22CRITICAL20MEDIUM12
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Manageengine opmanager.
- CVE-2023-47211A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can s...9.1
- CVE-2023-6105ManageEngine Information Disclosure in Multiple Products5.5
- CVE-2023-31099Zoho ManageEngine OPManager through 126323 allows an authenticated user to achieve remote code execution via probe servers.8.8
- CVE-2022-38772Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make ...8.8
- CVE-2022-36923Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126...7.5
- CVE-2022-37024Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) a...8.8
- CVE-2022-35404ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine.8.2
- CVE-2022-29535Zoho ManageEngine OPManager through 125588 allows SQL Injection via a few default reports.9.8
- CVE-2022-27908Zoho ManageEngine OpManager before 125588 (and before 125603) is vulnerable to authenticated SQL Injection in the Inventory Reports module.8.8
- CVE-2021-44514OpUtils in Zoho ManageEngine OpManager 12.5 before 125490 mishandles authentication for a few audit directories.9.8
- CVE-2021-41075The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API.9.8
- CVE-2021-40493Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via the pollingObject parameter of the getDataCollectionFailureReason API.9.8
- CVE-2021-41288Zoho ManageEngine OpManager version 125466 and below is vulnerable to SQL Injection in the getReportData API.9.8
- CVE-2021-3287Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a general bypass in the deserialization class.9.8
- CVE-2021-20078Manage Engine OpManager builds below 125346 are vulnerable to a remote denial of service vulnerability due to a path traversal issue in spark gateway component. This allows a remote attacker to rem...9.1
Product normalization is registry-driven with AI assist and human review. How it works