CVE-2024-5466
HIGHCVSS 8.8/10EPSS 6.91%
Last modified
CVE-2024-5466 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option.. EPSS estimates a 6.91% chance of exploitation in the next 30 days.
Description
Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Zohocorp | Manageengine Opmanager | <= 12.7 | — |
| Zohocorp | Manageengine Opmanager | 12.8 | Build128102 |
| Zohocorp | Manageengine Opmanager Msp | <= 12.7 | — |
| Zohocorp | Manageengine Opmanager Msp | 12.8 | Build128102 |
| Zohocorp | Manageengine Opmanager Plus | <= 12.7 | — |
| Zohocorp | Manageengine Opmanager Plus | 12.8 | Build128102 |
| Zohocorp | Manageengine Remote Monitoring And Management Central | All versions | — |
References
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2024-5466?
Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option.
How severe is CVE-2024-5466?
CVE-2024-5466 has a CVSS score of 8.8/10 (HIGH severity). The EPSS model estimates a 6.91% probability of exploitation in the next 30 days.
How do I fix CVE-2024-5466?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2024-5466?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST