Information Disclosure Vulnerability in Zoho ManageEngine Remote Access Plus

Information Disclosure Vulnerability in Zoho ManageEngine Remote Access Plus

CVE-2022-26653 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view domain details (such as the username and GUID of an administrator).

Learn more about our User Device Pen Test.