Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthenticated remote code execution. (This also affects ManageEngine Access Manager Plus before 4303 with authentication.)
Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
---|---|---|---|---|---|
CVE-2022-35405 | Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability | exploitation_technique | T1059 | Command and Scripting Interpreter |
Comments
CVE-2022-35405 is an unauthenticated remote code execution vulnerability as a result of deserialization.
References
|