Vulnerabilities > Zohocorp > Manageengine Opmanager > 11.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-08-04 | CVE-2015-9107 | Cryptographic Issues vulnerability in Zohocorp Manageengine Opmanager Zoho ManageEngine OpManager 11 through 12.2 uses a custom encryption algorithm to protect the credential used to access the monitored devices. | 5.0 |
2015-10-09 | CVE-2015-7766 | Permissions, Privileges, and Access Controls vulnerability in Zohocorp Manageengine Opmanager 11.4/11.5/11.6 PGSQL:SubmitQuery.do in ZOHO ManageEngine OpManager 11.6, 11.5, and earlier allows remote administrators to bypass SQL query restrictions via a comment in the query to api/json/admin/SubmitQuery, as demonstrated by "INSERT/**/INTO." | 9.0 |