An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: tenable

Published: 2023-11-15T20:57:47.981Z

Updated: 2024-08-02T08:21:17.671Z

Reserved: 2023-11-13T15:10:28.339Z

Link: CVE-2023-6105

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-11-15T21:15:08.490

Modified: 2024-11-21T08:43:08.707

Link: CVE-2023-6105

cve-icon Redhat

No data.