Vulnerabilities > Zohocorp > Manageengine Pam360
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-19 | CVE-2022-35405 | Deserialization of Untrusted Data vulnerability in Zohocorp products Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthenticated remote code execution. | 9.8 |
| 2022-04-28 | CVE-2022-29081 | Path Traversal vulnerability in Zohocorp products Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pro before 12007, and PAM360 before 5401 are vulnerable to access-control bypass on a few Rest API URLs (for SSOutAction. | 9.8 |
| 2021-12-20 | CVE-2021-44525 | Improper Authentication vulnerability in Zohocorp Manageengine Pam360 Zoho ManageEngine PAM360 before build 5303 allows attackers to modify a few aspects of application state because of a filter bypass in which authentication is not required. | 9.8 |