Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthenticated remote code execution. (This also affects ManageEngine Access Manager Plus before 4303 with authentication.)
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2022-35405 | Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability | exploitation_technique | T1059 | Command and Scripting Interpreter |
Comments
CVE-2022-35405 is an unauthenticated remote code execution vulnerability as a result of deserialization.
References
|