Hardcoded Password Vulnerability in ZOHO ManageEngine OpManager 11.5 build 11600 and Earlier

Hardcoded Password Vulnerability in ZOHO ManageEngine OpManager 11.5 build 11600 and Earlier

CVE-2015-7765 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

ZOHO ManageEngine OpManager 11.5 build 11600 and earlier uses a hardcoded password of "plugin" for the IntegrationUser account, which allows remote authenticated users to obtain administrator access by leveraging knowledge of this password.

Learn more about our User Device Pen Test.