Back to search
CVE-2023-2291
Published: Apr 26, 2023
Modified: Feb 3, 2025
PUBLISHED
Description
Static credentials exist in the PostgreSQL data used in ManageEngine Access Manager Plus (AMP) build 4309, ManageEngine Password Manager Pro, and ManageEngine PAM360. These credentials could allow a malicious actor to modify configuration data that would escalate their permissions from that of a low-privileged user to an Administrative user.
| Vendor | Product | Versions |
|---|---|---|
n/a | Zoho ManageEngine Multiple Products | affected All |
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now