CVE-2023-2291

EPSS 0.08% · P23 Updated Feb 04, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-2291

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Static credentials exist in the PostgreSQL data used in ManageEngine Access Manager Plus (AMP) build 4309, ManageEngine Password Manager Pro, and ManageEngine PAM360. These credentials could allow a malicious actor to modify configuration data that would escalate their permissions from that of a low-privileged user to an Administrative user.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

多款ZOHO产品安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

ZOHO ManageEngine Password Manager Pro等都是美国卓豪（ZOHO）公司的产品。ZOHO ManageEngine Password Manager Pro是一款密码管理器。ZOHO ManageEngine Access Manager Plus是ZOHO ManageEngine PAM360是一款完整的 PAM 软件。 ManageEngine Access Manager Plus、ManageEngine Password Manager Pro和ManageE

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	Zoho ManageEngine Multiple Products	All	-

II. Public POCs for CVE-2023-2291

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2023-2291

请登录查看更多情报信息。

Same Patch Batch · n/a · 2023-04-26 · 26 CVEs total

CVE-2023-2294	3.5 LOW	UCMS Column Configuration saddpost.php cross site scripting
CVE-2023-30212		OURPHP 跨站脚本漏洞
CVE-2023-24796		Vinga WR-AC1200 安全漏洞
CVE-2022-39989		Fighting Cock Information System 信任管理问题漏洞
CVE-2023-30112		Medicine Tracker System SQL注入漏洞
CVE-2023-30265		CLTPHP 路径遍历漏洞
CVE-2023-30266		CLTPHP 代码问题漏洞
CVE-2023-30267		CLTPHP 跨站脚本漏洞
CVE-2023-30269		CLTPHP 输入验证错误漏洞
CVE-2022-27978		ToolJet 安全漏洞
CVE-2022-27979		ToolJet 跨站脚本漏洞
CVE-2023-30210		OURPHP 跨站脚本漏洞
CVE-2023-30211		OURPHP SQL注入漏洞
CVE-2023-27107		MyQ Solution Print Server和MyQ Solution Central Server 安全漏洞
CVE-2022-44232		libming 安全漏洞
CVE-2023-26930		Glyph & Cog XpdfReader 安全漏洞
CVE-2020-36070		Voyager 安全漏洞
CVE-2023-26567		FreePBX 安全漏洞
CVE-2023-29596		Cmix 安全漏洞
CVE-2023-29835		Wondershare Dr.Fone 安全漏洞

Showing top 20 of 26 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same vendor: n/a

V. Comments for CVE-2023-2291

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2023-2291

I. Basic Information for CVE-2023-2291

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2023-2291

III. Intelligence Information for CVE-2023-2291

Same Patch Batch · n/a · 2023-04-26 · 26 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2023-2291

Leave a comment