Zohocorp ManageEngine Applications Manager versions 174000 and prior are vulnerable to the incorrect authorization in the update user function.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Mon, 29 Sep 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:zohocorp:manageengine_applications_manager:*:*:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.0:-:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.0:build170000:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.0:build170001:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.0:build170002:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.0:build170003:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.0:build170004:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.0:build170005:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.0:build170006:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.0:build170007:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.3:-:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.3:build173000:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.3:build173100:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.3:build173200:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.3:build173300:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.3:build173301:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:17.3:build173302:*:*:*:*:*:* |
Wed, 29 Jan 2025 11:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Zohocorp ManageEngine Applications Manager versions 174000 and prior are vulnerable to the incorrect authorization in the update user function. | |
Title | Improper Authorization | |
Weaknesses | CWE-863 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: ManageEngine
Published:
Updated: 2025-02-12T19:51:14.429Z
Reserved: 2024-07-16T07:03:21.743Z
Link: CVE-2024-41140

No data.

Status : Analyzed
Published: 2025-01-29T12:15:28.293
Modified: 2025-09-29T18:08:54.547
Link: CVE-2024-41140

No data.

Updated: 2025-07-13T11:14:10Z