CVE Vulnerabilities

CVE-2024-24409

Improper Privilege Management

Published: Nov 08, 2024 | Modified: Nov 13, 2024
CVSS 3.x
8.8
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege Escalation in the Modify Computers option.

Weakness

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Affected Software

Name Vendor Start Version End Version
Manageengine_admanager_plus Zohocorp 6.1 (including) 6.1 (including)
Manageengine_admanager_plus Zohocorp 6.1-6100 (including) 6.1-6100 (including)
Manageengine_admanager_plus Zohocorp 6.1-6101 (including) 6.1-6101 (including)
Manageengine_admanager_plus Zohocorp 6.1-6102 (including) 6.1-6102 (including)
Manageengine_admanager_plus Zohocorp 6.1-6103 (including) 6.1-6103 (including)
Manageengine_admanager_plus Zohocorp 6.1-6104 (including) 6.1-6104 (including)
Manageengine_admanager_plus Zohocorp 6.1-6105 (including) 6.1-6105 (including)
Manageengine_admanager_plus Zohocorp 6.1-6106 (including) 6.1-6106 (including)
Manageengine_admanager_plus Zohocorp 6.1-6107 (including) 6.1-6107 (including)
Manageengine_admanager_plus Zohocorp 6.1-6108 (including) 6.1-6108 (including)
Manageengine_admanager_plus Zohocorp 6.1-6109 (including) 6.1-6109 (including)
Manageengine_admanager_plus Zohocorp 6.1-6110 (including) 6.1-6110 (including)
Manageengine_admanager_plus Zohocorp 6.1-6111 (including) 6.1-6111 (including)
Manageengine_admanager_plus Zohocorp 6.2 (including) 6.2 (including)
Manageengine_admanager_plus Zohocorp 6.5.7 (including) 6.5.7 (including)
Manageengine_admanager_plus Zohocorp 6.6-6657 (including) 6.6-6657 (including)
Manageengine_admanager_plus Zohocorp 6.6-6660 (including) 6.6-6660 (including)
Manageengine_admanager_plus Zohocorp 6.6.5 (including) 6.6.5 (including)
Manageengine_admanager_plus Zohocorp 7.0 (including) 7.0 (including)
Manageengine_admanager_plus Zohocorp 7.0-7000 (including) 7.0-7000 (including)
Manageengine_admanager_plus Zohocorp 7.0-7010 (including) 7.0-7010 (including)
Manageengine_admanager_plus Zohocorp 7.0-7011 (including) 7.0-7011 (including)
Manageengine_admanager_plus Zohocorp 7.0-7020 (including) 7.0-7020 (including)
Manageengine_admanager_plus Zohocorp 7.0-7030 (including) 7.0-7030 (including)
Manageengine_admanager_plus Zohocorp 7.0-7040 (including) 7.0-7040 (including)
Manageengine_admanager_plus Zohocorp 7.0-7041 (including) 7.0-7041 (including)
Manageengine_admanager_plus Zohocorp 7.0-7050 (including) 7.0-7050 (including)
Manageengine_admanager_plus Zohocorp 7.0-7051 (including) 7.0-7051 (including)
Manageengine_admanager_plus Zohocorp 7.0-7052 (including) 7.0-7052 (including)
Manageengine_admanager_plus Zohocorp 7.0-7053 (including) 7.0-7053 (including)
Manageengine_admanager_plus Zohocorp 7.0-7054 (including) 7.0-7054 (including)
Manageengine_admanager_plus Zohocorp 7.0-7055 (including) 7.0-7055 (including)
Manageengine_admanager_plus Zohocorp 7.0-7056 (including) 7.0-7056 (including)
Manageengine_admanager_plus Zohocorp 7.0-7060 (including) 7.0-7060 (including)
Manageengine_admanager_plus Zohocorp 7.0-7061 (including) 7.0-7061 (including)
Manageengine_admanager_plus Zohocorp 7.0-7062 (including) 7.0-7062 (including)
Manageengine_admanager_plus Zohocorp 7.0-7063 (including) 7.0-7063 (including)
Manageengine_admanager_plus Zohocorp 7.0-7064 (including) 7.0-7064 (including)
Manageengine_admanager_plus Zohocorp 7.0-7065 (including) 7.0-7065 (including)
Manageengine_admanager_plus Zohocorp 7.0-7066 (including) 7.0-7066 (including)
Manageengine_admanager_plus Zohocorp 7.1 (including) 7.1 (including)
Manageengine_admanager_plus Zohocorp 7.1-7100 (including) 7.1-7100 (including)
Manageengine_admanager_plus Zohocorp 7.1-7101 (including) 7.1-7101 (including)
Manageengine_admanager_plus Zohocorp 7.1-7102 (including) 7.1-7102 (including)
Manageengine_admanager_plus Zohocorp 7.1-7110 (including) 7.1-7110 (including)
Manageengine_admanager_plus Zohocorp 7.1-7111 (including) 7.1-7111 (including)
Manageengine_admanager_plus Zohocorp 7.1-7112 (including) 7.1-7112 (including)
Manageengine_admanager_plus Zohocorp 7.1-7113 (including) 7.1-7113 (including)
Manageengine_admanager_plus Zohocorp 7.1-7114 (including) 7.1-7114 (including)
Manageengine_admanager_plus Zohocorp 7.1-7115 (including) 7.1-7115 (including)
Manageengine_admanager_plus Zohocorp 7.1-7116 (including) 7.1-7116 (including)
Manageengine_admanager_plus Zohocorp 7.1-7117 (including) 7.1-7117 (including)
Manageengine_admanager_plus Zohocorp 7.1-7118 (including) 7.1-7118 (including)
Manageengine_admanager_plus Zohocorp 7.1-7120 (including) 7.1-7120 (including)
Manageengine_admanager_plus Zohocorp 7.1-7121 (including) 7.1-7121 (including)
Manageengine_admanager_plus Zohocorp 7.1-7122 (including) 7.1-7122 (including)
Manageengine_admanager_plus Zohocorp 7.1-7123 (including) 7.1-7123 (including)
Manageengine_admanager_plus Zohocorp 7.1-7124 (including) 7.1-7124 (including)
Manageengine_admanager_plus Zohocorp 7.1-7125 (including) 7.1-7125 (including)
Manageengine_admanager_plus Zohocorp 7.1-7126 (including) 7.1-7126 (including)
Manageengine_admanager_plus Zohocorp 7.1-7130 (including) 7.1-7130 (including)
Manageengine_admanager_plus Zohocorp 7.1-7131 (including) 7.1-7131 (including)
Manageengine_admanager_plus Zohocorp 7.1-7140 (including) 7.1-7140 (including)
Manageengine_admanager_plus Zohocorp 7.1-7141 (including) 7.1-7141 (including)
Manageengine_admanager_plus Zohocorp 7.1-7150 (including) 7.1-7150 (including)
Manageengine_admanager_plus Zohocorp 7.1-7151 (including) 7.1-7151 (including)
Manageengine_admanager_plus Zohocorp 7.1-7160 (including) 7.1-7160 (including)
Manageengine_admanager_plus Zohocorp 7.1-7161 (including) 7.1-7161 (including)
Manageengine_admanager_plus Zohocorp 7.1-7162 (including) 7.1-7162 (including)
Manageengine_admanager_plus Zohocorp 7.1-7163 (including) 7.1-7163 (including)
Manageengine_admanager_plus Zohocorp 7.1-7170 (including) 7.1-7170 (including)
Manageengine_admanager_plus Zohocorp 7.1-7171 (including) 7.1-7171 (including)
Manageengine_admanager_plus Zohocorp 7.1-7180 (including) 7.1-7180 (including)
Manageengine_admanager_plus Zohocorp 7.1-7181 (including) 7.1-7181 (including)
Manageengine_admanager_plus Zohocorp 7.1-7182 (including) 7.1-7182 (including)
Manageengine_admanager_plus Zohocorp 7.1-7183 (including) 7.1-7183 (including)
Manageengine_admanager_plus Zohocorp 7.1-7184 (including) 7.1-7184 (including)
Manageengine_admanager_plus Zohocorp 7.1-7185 (including) 7.1-7185 (including)
Manageengine_admanager_plus Zohocorp 7.1-7186 (including) 7.1-7186 (including)
Manageengine_admanager_plus Zohocorp 7.1-7188 (including) 7.1-7188 (including)
Manageengine_admanager_plus Zohocorp 7.2-7200 (including) 7.2-7200 (including)
Manageengine_admanager_plus Zohocorp 7.2-7201 (including) 7.2-7201 (including)
Manageengine_admanager_plus Zohocorp 7.2-7202 (including) 7.2-7202 (including)
Manageengine_admanager_plus Zohocorp 7.2-7203 (including) 7.2-7203 (including)

Potential Mitigations

References