Vulnerabilities > Zohocorp > Manageengine Network Configuration Manager > 12.2

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-08	CVE-2023-47211	Path Traversal vulnerability in Zohocorp products A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. network low complexity zohocorp CWE-22	8.6
2023-11-15	CVE-2023-6105	Unspecified vulnerability in Zohocorp products An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. local low complexity zohocorp	5.5
2022-07-18	CVE-2022-35404	Improper Input Validation vulnerability in Zohocorp products ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine. network low complexity zohocorp CWE-20	8.2
2021-11-30	CVE-2021-43319	Command Injection vulnerability in Zohocorp Manageengine Network Configuration Manager Zoho ManageEngine Network Configuration Manager before 125488 is vulnerable to command injection due to improper validation in the Ping functionality. network low complexity zohocorp CWE-77 critical	9.8
2018-11-06	CVE-2018-18980	XXE vulnerability in Zohocorp Manageengine Network Configuration Manager An XML External Entity injection (XXE) vulnerability exists in Zoho ManageEngine Network Configuration Manager and OpManager before 12.3.214 via the RequestXML parameter in a /devices/ProcessRequest.do GET request. network low complexity zohocorp CWE-611	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.