CVE-2022-29081 vulnerability in Zoho Corp Products
Published on April 28, 2022

Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pro before 12007, and PAM360 before 5401 are vulnerable to access-control bypass on a few Rest API URLs (for SSOutAction. SSLAction. LicenseMgr. GetProductDetails. GetDashboard. FetchEvents. and Synchronize) via the ../RestAPI substring.

NVD

Products Associated with CVE-2022-29081

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2022-29081 are published in these products:

Zoho Corp Manageengine Password Manager Pro

Zoho Corp Manageengine Pam360

Zoho Corp Manageengine Access Manager Plus

Exploit Probability

EPSS

81.76%

Percentile

99.17%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-29081 vulnerability in Zoho Corp ProductsPublished on April 28, 2022

Products Associated with CVE-2022-29081

Exploit Probability

CVE-2022-29081 vulnerability in Zoho Corp Products
Published on April 28, 2022