FAIL › dossier
Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.
| Date | Event | Sev | Flags | Shame | Summary |
|---|---|---|---|---|---|
| 2023-01-23 | CVE-2022-47966 | critical | ⚡RCE ⌖KEV | 95 | Multiple Zoho ManageEngine products contain an unauthenticated remote code execution vulnerability due to the usage of an outdated third-party dependency, Apache Santuario. |
| 2021-11-03 | CVE-2021-40539 | critical | ⚡RCE ◐0day ⌖KEV | 95 | Zoho ManageEngine ADSelfService Plus contains an authentication bypass vulnerability affecting the REST API URLs which allow for remote code execution. |
| 2023-03-07 | CVE-2022-28810 | high | ⚡RCE ⌖KEV | 65 | Zoho ManageEngine ADSelfService Plus contains an unspecified vulnerability allowing for remote code execution when performing a password change or reset. |
| 2022-09-22 | CVE-2022-35405 | high | ⚡RCE ⌖KEV | 65 | Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus contain an unspecified vulnerability that allows for remote code execution. |
| 2021-11-03 | CVE-2019-8394 | high | ⚡RCE ⌖KEV | 65 | Zoho ManageEngine ServiceDesk Plus (SDP) contains an unspecified vulnerability that allows remote users to upload files via login page customization. |
| 2021-11-03 | CVE-2020-10189 | high | ⚡RCE ⌖KEV | 65 | Zoho ManageEngine Desktop Central contains a file upload vulnerability that allows for unauthenticated remote code execution. |