CVE-2022-24978

CVE-2022-24978

EPSS 1.1%

Zoho ManageEngine ADAudit Plus before 7055 allows authenticated Privilege Escalation on Integrated products. This occurs because a password field is present in a JSON response.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://manageengine.com https://pitstop.manageengine.com/portal/en/community/topic/cve-2022-24978-privilege-escalation-vulnerability-manageengine-adaudit-plus