This security bulletin contains one medium risk vulnerability.
Exploit availability: NoDescription
The vulnerability allows a remote user to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions. A remote low privileged user can bypass implemented security restrictions and gain unauthorized access to Device Filters, Support Module and SDP On-Premise Integration feature.Mitigation
Install updates from vendor's website.Vulnerable software versions
Zoho ManageEngine OpManager: 12.5 125000 - 12.5 125467
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?