Low-Privileged User Can Perform Admin Actions on Zoho ManageEngine PAM360 Version 6601
CVE-2024-27312
8.1HIGH
What is CVE-2024-27312?
An authorization vulnerability exists in ManageEngine PAM360 version 6601, enabling low-privileged users to execute administrative functions. This represents a substantial security risk, as users without proper privileges could potentially gain unauthorized access to critical administrative capabilities, undermining system integrity and security. The flaw is exclusive to PAM360 version 6601, with no other versions impacted, necessitating prompt attention from users to mitigate potential risks.
Affected Version(s)
PAM360 6600 < 6601