CVE-2016-1159
N/A
N/A
Summary
In ZOHO Password Manager Pro (PMP) 8.3.0 (Build 8303) and 8.4.0 (Build 8400,8401,8402), underprivileged users can obtain sensitive information (entry password history) via a vulnerable hidden service.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ZOHO | Password Manager Pro (PMP) | 8.3.0 (Build 8303 | affected |
| ZOHO | Password Manager Pro (PMP) | 8.4.0 (Build 8400 | affected |
| ZOHO | Password Manager Pro (PMP) | 8401 | affected |
| ZOHO | Password Manager Pro (PMP) | 8402). | affected |
Weaknesses
- obtain sensitive information
ADP Enrichment
CVE Program Container
Additional References
- https://excellium-services.com/cert-xlm-advisory/cve-2016-1159/
- https://www.manageengine.com/products/passwordmanagerpro/release-notes.html
- http://jvn.jp/vu/JVNVU90405898/index.html
- https://www.manageengine.com/products/passwordmanagerpro/issues-fixed.html
References
- https://excellium-services.com/cert-xlm-advisory/cve-2016-1159/
- https://www.manageengine.com/products/passwordmanagerpro/release-notes.html
- http://jvn.jp/vu/JVNVU90405898/index.html
- https://www.manageengine.com/products/passwordmanagerpro/issues-fixed.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.