Lucene search
MitreCVE-2014-9371HistoryDec 16, 2014 - 6:59 p.m.
CVE-2014-9371
2014-12-1618:59:17
CWE-20
mitre
web.nvd.nist.gov
27
cve-2014-9371
nativeappservlet
manageengine desktop central msp
arbitrary code execution
json
nvd
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.7
Confidence
Low
EPSS
0.341
Percentile
97.1%
The NativeAppServlet in ManageEngine Desktop Central MSP before 90075 allows remote attackers to execute arbitrary code via a crafted JSON object.
Affected configurations
Node
zohocorpmanageengine_desktop_centralRange≤9.0managed_service_providers
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zohocorp | manageengine_desktop_central | * | cpe:2.3:a:zohocorp:manageengine_desktop_central:*:*:*:*:managed_service_providers:*:*:* |
Related
prion
prion
Code injection
2014-12-16 18:59:00
openvas
openvas
zdi
zdi
cvelist
cvelist
CVE-2014-9371
2014-12-16 18:00:00
nessus
nessus
ManageEngine Desktop Central NativeAppServlet UDID JSON RCE
2015-03-09 00:00:00
zdt
zdt
ManageEngine Desktop Central MSP Remote Code Execution Vulnerability
2014-12-13 00:00:00
nvd
nvd
CVE-2014-9371
2014-12-16 18:59:17
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.7
Confidence
Low
EPSS
0.341
Percentile
97.1%
Related for CVE-2014-9371