This page contains a list of all security vulnerabilities fixed in Analytics Plus along with its CVE ID and fixed build number. Go to ManageEngine's Security Response Center to report vulnerabilities on ManageEngine products.
CVE ID/ZVE ID | Synopsis | Severity | Affected Versions | Fixed in Version |
---|---|---|---|---|
CVE-2024-9100 | A Local File Inclusion (LFI) vulnerability has been discovered in Analytics Plus. This vulnerability enables an authenticated user to read arbitrary files from the server's file system through HSQLDB queries, potentially exposing sensitive information. | Medium | Analytics Plus On-Premise Versions below 5410 | 5410 |