ManageEngine 厂商漏洞列表 / CVE 中文分析 86

ManageEngine 厂商相关 86 条 CVE 漏洞，含 AI 中文分析、POC、CVSS 评分与受影响产品。

ManageEngine 专注于提供企业级 IT 服务管理、网络安全及系统监控解决方案。其产品线历史累计收录 86 条 CVE，常见漏洞类型涵盖远程代码执行、跨站脚本及权限绕过，多源于未授权访问或输入验证缺陷。近期安全事件多涉及身份认证绕过及敏感信息泄露，凸显其 Web 应用层防护的复杂性。建议用户及时更新补丁，并严格实施最小权限原则以缓解潜在风险。

CVE ID	タイトル	CVSS	深刻度	公開日
CVE-2024-27310	DOS Vulnerability — ADSelfService PlusCWE-90	5.3	Medium	2024-05-27
CVE-2024-27314	Stored XSS Vulnerability — ServiceDesk Plus, ServiceDesk Plus MSP, SupportCenter PlusCWE-79	2.4	Low	2024-05-27
CVE-2024-21791	SQL Injection in ADAudit Plus — ADAudit PlusCWE-89	4.7	Medium	2024-05-22
CVE-2023-49335	ZOHO ManageEngine ADAudit Plus 安全漏洞 — ADAudit Plus	8.3	High	2024-05-20
CVE-2023-49334	ZOHO ManageEngine ADAudit Plus 安全漏洞 — ADAudit Plus	8.3	High	2024-05-20
CVE-2023-49333	ZOHO ManageEngine ADAudit Plus 安全漏洞 — ADAudit Plus	8.3	High	2024-05-20
CVE-2023-49332	ZOHO ManageEngine ADAudit Plus 安全漏洞 — ADAudit Plus	8.3	High	2024-05-20
CVE-2023-49331	ZOHO ManageEngine ADAudit Plus 安全漏洞 — ADAudit Plus	8.3	High	2024-05-20
CVE-2024-27312	Authorization vulnerability in PAM360 — PAM360CWE-863	8.1	High	2024-05-20
CVE-2023-49330	Zoho ManageEngine ADAudit Plus 安全漏洞 — ADAudit Plus	8.3	High	2024-05-20
CVE-2024-21775	SQL Injection — Exchange Reporter PlusCWE-89	8.3	High	2024-02-16
CVE-2024-0269	SQL Injection — ADAudit PlusCWE-89	8.3	High	2024-02-02
CVE-2024-0253	SQL Injection — ADAudit PlusCWE-89	8.3	High	2024-02-02
CVE-2024-0252	Remote code execution — ADSelfService PlusCWE-94	8.8	High	2024-01-11
CVE-2023-47211	ZOHO ManageEngine OpManager 路径遍历漏洞 — OpManagerCWE-22	9.1	Critical	2024-01-08
CVE-2023-6105	ManageEngine Information Disclosure in Multiple Products — Service Desk PlusCWE-200	5.5	Medium	2023-11-15
CVE-2023-4769	Server-Side Request Forgery in ManageEngine Desktop Central — Desktop CentralCWE-918	6.6	Medium	2023-11-03
CVE-2023-4768	Improper Neutralization of CRLF Sequences in ManageEngine Desktop Central — Desktop CentralCWE-93	6.1	Medium	2023-11-03
CVE-2023-4767	Improper Neutralization of CRLF Sequences in ManageEngine Desktop Central — Desktop CentralCWE-93	6.1	Medium	2023-11-03
CVE-2023-35719	ManageEngine ADSelfService Plus GINA Client Insufficient Verification of Data Authenticity Authentication Bypass Vulnerability — ADSelfService PlusCWE-345	6.8	-	2023-09-06
CVE-2022-43473	ManageEngine OpManager 代码问题漏洞 — OpManagerCWE-611	5.8	Medium	2023-03-30
CVE-2016-9498	ManageEngine Applications Manager 12 and 13, allows unserialization of unsafe Java objects — Applications ManagerCWE-502	9.8	-	2018-07-13
CVE-2016-9491	ManageEngine Applications Manager 12 and 13 is vulnerable to privilege escalation due to improper restriction of an XML external entity — Applications ManagerCWE-611	4.9	-	2018-07-13
CVE-2016-9489	ManageEngine Applications Manager 12 and 13 is vulnerable to privilege escalation and authentication bypass — Applications ManagerCWE-269	8.1	-	2018-07-13
CVE-2016-9488	ManageEngine Applications Manager versions 12 and 13 suffer from remote SQL injection vulnerabilities — Applications ManagerCWE-89	9.8	-	2018-06-05
CVE-2016-9490	ManageEngine Applications Manager versions 12 and 13 suffer from a Reflected Cross-Site Scripting vulnerability — Applications ManagerCWE-79	6.1	-	2018-06-05

本页汇总了 ManageEngine 厂商截至目前公开的全部 86 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接，并附带 AI 生成的中文分析以便快速判断风险。

目標達成 すべての支援者に感謝 — 100%達成しました！

ManageEngine 厂商漏洞列表 / CVE 中文分析 86

目標達成すべての支援者に感謝 — 100%達成しました！