CVE-2021-44525

Zoho ManageEngine PAM360 before build 5303 allows attackers to modify a few aspects of application state because of a filter bypass in which authentication is not required.

Link	Resource
https://pitstop.manageengine.com/portal/en/community/topic/title-security-advisory-for-cve-2021-44525-authentication-bypass-vulnerability-in-manageengine-pam360	Vendor Advisory

Configuration 1

cpe:2.3:a:zohocorp:manageengine_pam360:5.3:build5302:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:5.3:build5301:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:5.3:build5300:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:5.2:build5200:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:5.1:build5100:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:5.0:build5004:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:5.0:build5003:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:5.0:build5002:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:5.0:build5001:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:5.0:build5000:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:4.5:build4500:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:4.5:build4501:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:4.1:build4100:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:4.1:build4101:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:4.0:build4001:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:4.0:build4002:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:5.2:*:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:5.1:*:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:5.0:*:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:4.1:*:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:4.0:*:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:4.5:*:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:5.3:*:*:*:*:*:*:*

---

Published : 2021-12-20 04:15

Updated : 2022-01-04 05:36

---

NVD link : CVE-2021-44525

Mitre link : CVE-2021-44525

No products.

CWE-668