OpManager Auth RCE via DB Change in NMAP Feature
CVE-2022-38772 Published on August 29, 2022

Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature.

NVD

Products Associated with CVE-2022-38772

Want to know whenever a new CVE is published for Zoho Corp products? stack.watch will email you.

Zoho Corp Manageengine Opmanager

Zoho Corp Manageengine Network Configuration Manager

Zoho Corp Manageengine Netflow Analyzer

Zoho Corp Manageengine Oputils

Zoho Corp Manageengine Opmanager Msp

Zoho Corp Manageengine Opmanager Plus

Exploit Probability

EPSS

39.14%

Percentile

97.19%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

OpManager Auth RCE via DB Change in NMAP FeatureCVE-2022-38772 Published on August 29, 2022

Products Associated with CVE-2022-38772

Exploit Probability

OpManager Auth RCE via DB Change in NMAP Feature
CVE-2022-38772 Published on August 29, 2022