Threat Advisories:
🎧 Hive Force Labs: Critical Threats Affecting You This Week - 5 Minute Audio Intelligence Report
👥 Play Count: Loading...

A Critical Vulnerability That Affects ManageEngine Products

Threat Level – Red | Vulnerability Report
Download PDF

A critical vulnerability in several ManageEngine products allows for remote code execution (RCE) without authentication. This vulnerability is tracked as CVE-2022-47966 and is caused by an outdated third-party dependency, Apache Santuario. This vulnerability affects almost all ManageEngine products and allows unauthenticated attackers to execute arbitrary code if the SAML-based single-sign-on (SSO) is or was enabled at least once before the attack.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox

Cybersecurity Leaders Dinner at Houston

CTEM for CISOs in 2025, brought to life by Al Lindseth.

Tuesday, October 7th, 2025
6.00 pm to 9.00 pm
Del FRISCOS Double Eagle Steakhouse, Houston TX