CVE-2024-9097 | Zoho ManageEngine Endpoint Central prior 11.3.2440.09 Chat username authorization

Posted by Angelo Barbosa | Feb 5, 2025 | CVE

A vulnerability classified as problematic has been found in Zoho ManageEngine Endpoint Central 11.3.2400.15/11.3.2406.08/11.3.2416.22/11.3.2428.9/11.3.2428.10. Affected is an unknown function of the component Chat. The manipulation of the argument username leads to authorization bypass.

This vulnerability is traded as CVE-2024-9097. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-9097 | Zoho ManageEngine Endpoint Central prior 11.3.2440.09 Chat username authorization

Related Posts

CVE-2024-47797 | OpenHarmony up to 4.1.0 out-of-bounds write

CVE-2023-31211 | Checkmk up to 2.0.0p38/2.1.0p36/2.2.0p16 Authentication insufficient control flow management

CVE-2024-55875 | http4k up to 5.40.x xml external entity reference (GHSA-7mj5-hjjj-8rgw)

CVE-2024-4968 | SourceCodester Interactive Map with Marker 1.0 Add Marker Marker Name cross site scripting