CVE-2024-52323
CVSS 3.1 Score 8.1 of 10 (high)
Details
Summary
CVE-2024-52323 is a vulnerability affecting ManageEngine Analytics Plus versions prior to 6100. This issue grants authenticated users the ability to expose sensitive tokens linked to the org-admin account. By exploiting this vulnerability, attackers can gain unauthorized access to sensitive data within the affected system. The exposure of these tokens poses a significant risk to the security and confidentiality of data handled by the impacted ManageEngine Analytics Plus installations. Organizations running affected versions are urged to update to the latest release as soon as possible to mitigate this issue.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- Zoho Corporation