HTTP: Zoho ManageEngine Multiple Products XMLRPC Insecure Deserialization
This signature detects attempts to exploit a known vulnerability against Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus. A successful attack can lead to arbitrary code execution
Extended Description
Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthenticated remote code execution. (This also affects ManageEngine Access Manager Plus before 4303 with authentication.)
Affected Products
Zohocorp manageengine_password_manager_pro
Short Name
HTTP:CTS:ZOHO-MUL-PRO-XMLRPC-ID
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2022-35405 Deserialization Insecure ManageEngine Multiple Products XMLRPC Zoho
Release Date
08/23/2022
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Zohocorp