CVE-2022-29081
Severity: CRITICAL | Exploited in the wild | Nuclei template available
Zoho ManageEngine <4302, <12007, <5401 - Auth Bypass
Title source: llm
Exploitation Summary
CVE-2022-29081 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.
Description
Zoho ManageEngine Access Manager Plus before build 4302, Password Manager Pro before build 12007, and PAM360 before build 5401 are vulnerable to an access-control bypass on several REST API URLs (SSOutAction, SSLAction, LicenseMgr, GetProductDetails, GetDashboard, FetchEvents, and Synchronize) via the ../RestAPI substring in the request path. The flaw is unauthenticated (PR:N) and network-reachable (AV:N), which is why it carries a 9.8 CVSS score and a CWE-22 (path traversal) classification.
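The two checks a defender actually runs against this description are a build-number triage (is my instance below the fixed build?) and a screen of web access logs for request paths that reach the REST API through a ".." segment. The following is an added example, not code from this page, from the Nuclei template, or from Zoho. The fixed builds and the "../RestAPI" substring come from the description above; the log lines are constructed samples, and the handling of percent-encoded variants (such as "%2e%2e") is an assumption about how an attacker might obscure the same substring, not something the advisory documents.

```python
"""Added example: version triage and access-log screening for CVE-2022-29081.
Fixed builds and the '../RestAPI' pattern come from the CVE description;
the log lines are constructed samples and the percent-decoding is an assumption."""
import re
from urllib.parse import unquote

# Build number at which each product was fixed (from the CVE description).
FIXED_BUILDS = {
    "Access Manager Plus": 4302,
    "Password Manager Pro": 12007,
    "PAM360": 5401,
}


def is_vulnerable_build(product: str, build: int) -> bool:
    """True when the installed build predates the vendor fix for that product."""
    if product not in FIXED_BUILDS:
        raise ValueError(f"unknown product: {product!r}")
    return build < FIXED_BUILDS[product]


# Common/combined log format: client ident user [timestamp] "METHOD path PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def normalise_path(path: str) -> str:
    """Percent-decode twice (assumption: catches single and double encoding)
    and lower-case, so '/%2e%2e/restapi/' and '/../RestAPI/' compare equal."""
    return unquote(unquote(path)).lower()


def is_traversal_to_restapi(path: str) -> bool:
    """Flag a request path that reaches a REST API endpoint through a '..'
    segment, which is the bypass pattern named in the CVE description."""
    return "../restapi" in normalise_path(path)


def screen_access_log(lines):
    """Return (client ip, raw path, HTTP status) for every request matching
    the bypass pattern. A 200 on such a path is the finding worth escalating;
    a 401/403 suggests the filter (or a patched build) rejected it."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected access-log format
        if is_traversal_to_restapi(m["path"]):
            hits.append((m["ip"], m["path"], int(m["status"])))
    return hits


# Constructed sample log lines (not real traffic). The client addresses are
# from the documentation range 198.51.100.0/24.
SAMPLE_LOG = [
    '198.51.100.7 - - [06/Jan/2024:10:00:00 +0000] "GET /RestAPI/GetProductDetails HTTP/1.1" 401 0',
    '198.51.100.7 - - [06/Jan/2024:10:00:01 +0000] "GET /../RestAPI/GetProductDetails HTTP/1.1" 200 812',
    '198.51.100.9 - - [06/Jan/2024:10:00:02 +0000] "GET /%2e%2e/RestAPI/LicenseMgr HTTP/1.1" 200 455',
    '198.51.100.9 - - [06/Jan/2024:10:00:03 +0000] "GET /apiclient/ember/index.jsp HTTP/1.1" 200 9001',
    'garbage line that does not parse',
]


if __name__ == "__main__":
    for product, build in (("PAM360", 5200), ("PAM360", 5401), ("Password Manager Pro", 12007)):
        print(f"{product} build {build}: vulnerable={is_vulnerable_build(product, build)}")
    for ip, path, status in screen_access_log(SAMPLE_LOG):
        print(f"bypass attempt from {ip}: {path} -> {status}")
```

The version check is exact rather than fuzzy because the vendor states the fix as a build number, so a build one below the threshold is still vulnerable. When running the log screen at scale, filter on status 200 first; 401/403 responses to the same paths are still worth counting as reconnaissance but are not evidence of a successful bypass.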
Nuclei Templates (1)
Zoho ManageEngine - Access Control Bypass
Severity: CRITICAL | Verified | by 0xanis
Shodan:
http.title:"manageengine"
References (2)
Exploit / Third Party Advisory (x_refsource_misc): https://www.tenable.com/security/research/tra-2022-14
Vendor Advisory (x_refsource_misc): https://www.manageengine.com/privileged-session-management/advisory/cve-2022-29081.html
Scores
CVSS v3
9.8
EPSS
0.8332
EPSS Percentile
99.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2024-01-06
CWE
CWE-22
Status
published
Products (20)
zohocorp/manageengine_access_manager_plus
4.0 build4000
zohocorp/manageengine_access_manager_plus
4.1 build4100 (2 CPE variants)
zohocorp/manageengine_access_manager_plus
4.2 build4200 (4 CPE variants)
zohocorp/manageengine_access_manager_plus
4.3 build4300 (2 CPE variants)
zohocorp/manageengine_pam360
4.0 build4001 (2 CPE variants)
zohocorp/manageengine_pam360
4.1 build4100 (2 CPE variants)
zohocorp/manageengine_pam360
4.5 build4500 (2 CPE variants)
zohocorp/manageengine_pam360
5.0 build5000 (5 CPE variants)
zohocorp/manageengine_pam360
5.1 build5100
zohocorp/manageengine_pam360
5.2 build5200
... and 10 more
Published
Apr 28, 2022
Tracked Since
Feb 18, 2026