Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2016-1159

In ZOHO Password Manager Pro (PMP) 8.3.0 (Build 8303) and 8.4.0 (Build 8400,8401,8402), underprivileged users can obtain sensitive information (entry password history) via a vulnerable hidden service.

  • Published: Mar 9, 2020
  • Updated: Apr 13, 2023
  • CVE: CVE-2016-1159
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

  • Severity: Low
  • Score: 4
  • AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

Software From Fixed in
zohocorp / manageengine_password_manager_pro 8.3-build8303 8.3-build8303.x
zohocorp / manageengine_password_manager_pro 8.4-build8400 8.4-build8400.x
zohocorp / manageengine_password_manager_pro 8.4-build8401 8.4-build8401.x
zohocorp / manageengine_password_manager_pro 8.4-build8402 8.4-build8402.x