Path Traversal Vulnerability in Zohocorp ManageEngine Analytics Plus and Zoho Analytics On-Premise
CVE-2024-9100

Currently unrated

Key Information:

Vendor: Zohocorp
Status: ManageEngine Analytics Plus and Zoho Analytics On-Premise
Vendor: CVE Published:; 3 October 2024

What is CVE-2024-9100?

The vulnerability allows attackers to exploit path traversal in Zohocorp's ManageEngine Analytics Plus and Zoho Analytics On-Premise. By leveraging this flaw, unauthorized users may gain access to sensitive files and directories, potentially leading to data leakage or unauthorized data manipulation.

References

https://www.manageengine.com/analytics-plus/CVE-2024-9100...

https://www.zoho.com/analytics/onpremise/CVE-2024-9100.html

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 3, 2024