An issue was discovered in Zoho ManageEngine Key Manager Plus before 6200. A service exposed by the application allows a user, with the level Operator, to access stored SSL certificates and associated key pairs during export.
References
Link | Resource |
---|---|
https://excellium-services.com/cert-xlm-advisory/cve-2022-24447/ | Third Party Advisory |
https://www.manageengine.com/key-manager/release-notes.html#6200 | Release Notes Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-03-02T14:41:59
Updated: 2022-03-02T14:41:59
Reserved: 2022-02-04T00:00:00
Link: CVE-2022-24447
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-03-02T15:15:08.230
Modified: 2023-08-08T14:22:24.967
Link: CVE-2022-24447
JSON object: View
Redhat Information
No data.
CWE