Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2020-27733
HistoryJan 19, 2021 - 4:15 p.m.

CVE-2020-27733

2021-01-1916:15:12
CWE-89
[email protected]
web.nvd.nist.gov
24
4
cve-2020-27733
sql injection
zoho manageengine
applications manager
nvd

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.6%

JSON

Zoho ManageEngine Applications Manager before 14 build 14880 allows an authenticated SQL Injection via a crafted Alarmview request.

Affected configurations

NVD
Node
zohocorpmanageengine_applications_managerMatch14.0-
OR
zohocorpmanageengine_applications_managerMatch14.0build14000
OR
zohocorpmanageengine_applications_managerMatch14.0build14010
OR
zohocorpmanageengine_applications_managerMatch14.0build14020
OR
zohocorpmanageengine_applications_managerMatch14.0build14030
OR
zohocorpmanageengine_applications_managerMatch14.0build14040
OR
zohocorpmanageengine_applications_managerMatch14.0build14050
OR
zohocorpmanageengine_applications_managerMatch14.0build14060
OR
zohocorpmanageengine_applications_managerMatch14.0build14070
OR
zohocorpmanageengine_applications_managerMatch14.0build14071
OR
zohocorpmanageengine_applications_managerMatch14.0build14072
OR
zohocorpmanageengine_applications_managerMatch14.0build14073
OR
zohocorpmanageengine_applications_managerMatch14.0build14080
OR
zohocorpmanageengine_applications_managerMatch14.0build14090
OR
zohocorpmanageengine_applications_managerMatch14.0build14100
OR
zohocorpmanageengine_applications_managerMatch14.0build14110
OR
zohocorpmanageengine_applications_managerMatch14.0build14120
OR
zohocorpmanageengine_applications_managerMatch14.0build14130
OR
zohocorpmanageengine_applications_managerMatch14.0build14140
OR
zohocorpmanageengine_applications_managerMatch14.0build14150
OR
zohocorpmanageengine_applications_managerMatch14.0build14160
OR
zohocorpmanageengine_applications_managerMatch14.0build14170
OR
zohocorpmanageengine_applications_managerMatch14.0build14180
OR
zohocorpmanageengine_applications_managerMatch14.0build14190
OR
zohocorpmanageengine_applications_managerMatch14.0build14200
OR
zohocorpmanageengine_applications_managerMatch14.0build14210
OR
zohocorpmanageengine_applications_managerMatch14.0build14220
OR
zohocorpmanageengine_applications_managerMatch14.0build14230
OR
zohocorpmanageengine_applications_managerMatch14.0build14240
OR
zohocorpmanageengine_applications_managerMatch14.0build14250
OR
zohocorpmanageengine_applications_managerMatch14.0build14260
OR
zohocorpmanageengine_applications_managerMatch14.0build14261
OR
zohocorpmanageengine_applications_managerMatch14.0build14262
OR
zohocorpmanageengine_applications_managerMatch14.0build14270
OR
zohocorpmanageengine_applications_managerMatch14.0build14280
OR
zohocorpmanageengine_applications_managerMatch14.0build14290
OR
zohocorpmanageengine_applications_managerMatch14.0build14300
OR
zohocorpmanageengine_applications_managerMatch14.0build14310
OR
zohocorpmanageengine_applications_managerMatch14.0build14330
OR
zohocorpmanageengine_applications_managerMatch14.0build14331
OR
zohocorpmanageengine_applications_managerMatch14.0build14332
OR
zohocorpmanageengine_applications_managerMatch14.0build14340
OR
zohocorpmanageengine_applications_managerMatch14.0build14350
OR
zohocorpmanageengine_applications_managerMatch14.0build14360
OR
zohocorpmanageengine_applications_managerMatch14.0build14361
OR
zohocorpmanageengine_applications_managerMatch14.0build14370
OR
zohocorpmanageengine_applications_managerMatch14.0build14380
OR
zohocorpmanageengine_applications_managerMatch14.0build14390
OR
zohocorpmanageengine_applications_managerMatch14.0build14400
OR
zohocorpmanageengine_applications_managerMatch14.0build14401
OR
zohocorpmanageengine_applications_managerMatch14.0build14410
OR
zohocorpmanageengine_applications_managerMatch14.0build14420
OR
zohocorpmanageengine_applications_managerMatch14.0build14430
OR
zohocorpmanageengine_applications_managerMatch14.0build14440
OR
zohocorpmanageengine_applications_managerMatch14.0build14450
OR
zohocorpmanageengine_applications_managerMatch14.0build14460
OR
zohocorpmanageengine_applications_managerMatch14.0build14470
OR
zohocorpmanageengine_applications_managerMatch14.0build14480
OR
zohocorpmanageengine_applications_managerMatch14.0build14490
OR
zohocorpmanageengine_applications_managerMatch14.0build14500
OR
zohocorpmanageengine_applications_managerMatch14.0build14510
OR
zohocorpmanageengine_applications_managerMatch14.0build14520
OR
zohocorpmanageengine_applications_managerMatch14.0build14530
OR
zohocorpmanageengine_applications_managerMatch14.0build14531
OR
zohocorpmanageengine_applications_managerMatch14.0build14532
OR
zohocorpmanageengine_applications_managerMatch14.0build14533
OR
zohocorpmanageengine_applications_managerMatch14.0build14540
OR
zohocorpmanageengine_applications_managerMatch14.0build14550
OR
zohocorpmanageengine_applications_managerMatch14.0build14560
OR
zohocorpmanageengine_applications_managerMatch14.0build14570
OR
zohocorpmanageengine_applications_managerMatch14.0build14580
OR
zohocorpmanageengine_applications_managerMatch14.0build14590
OR
zohocorpmanageengine_applications_managerMatch14.0build14600
OR
zohocorpmanageengine_applications_managerMatch14.0build14610
OR
zohocorpmanageengine_applications_managerMatch14.0build14620
OR
zohocorpmanageengine_applications_managerMatch14.0build14630
OR
zohocorpmanageengine_applications_managerMatch14.0build14660
OR
zohocorpmanageengine_applications_managerMatch14.0build14670
OR
zohocorpmanageengine_applications_managerMatch14.0build14681
OR
zohocorpmanageengine_applications_managerMatch14.0build14682
OR
zohocorpmanageengine_applications_managerMatch14.0build14683
OR
zohocorpmanageengine_applications_managerMatch14.0build14684
OR
zohocorpmanageengine_applications_managerMatch14.0build14685
OR
zohocorpmanageengine_applications_managerMatch14.0build14690
OR
zohocorpmanageengine_applications_managerMatch14.0build14700
OR
zohocorpmanageengine_applications_managerMatch14.0build14710
OR
zohocorpmanageengine_applications_managerMatch14.0build14720
OR
zohocorpmanageengine_applications_managerMatch14.0build14730
OR
zohocorpmanageengine_applications_managerMatch14.0build14740
OR
zohocorpmanageengine_applications_managerMatch14.0build14750
OR
zohocorpmanageengine_applications_managerMatch14.0build14760
OR
zohocorpmanageengine_applications_managerMatch14.0build14770
OR
zohocorpmanageengine_applications_managerMatch14.0build14780
OR
zohocorpmanageengine_applications_managerMatch14.0build14781
OR
zohocorpmanageengine_applications_managerMatch14.0build14790
OR
zohocorpmanageengine_applications_managerMatch14.0build14800
OR
zohocorpmanageengine_applications_managerMatch14.0build14811
OR
zohocorpmanageengine_applications_managerMatch14.0build14820
OR
zohocorpmanageengine_applications_managerMatch14.0build14830
OR
zohocorpmanageengine_applications_managerMatch14.0build14840
OR
zohocorpmanageengine_applications_managerMatch14.0build14841
OR
zohocorpmanageengine_applications_managerMatch14.0build14842
OR
zohocorpmanageengine_applications_managerMatch14.0build14843
OR
zohocorpmanageengine_applications_managerMatch14.0build14850
OR
zohocorpmanageengine_applications_managerMatch14.0build14860
OR
zohocorpmanageengine_applications_managerMatch14.0build14870

Social References

More

Related

nvd 1
prion 1
cvelist 1
nvd
nvd
CVE-2020-27733
2021-01-19 16:15:12
prion
prion
Sql injection
2021-01-19 16:15:00
cvelist
cvelist
CVE-2020-27733
2021-01-19 15:53:26

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.6%

JSON
Related for CVE-2020-27733
nvd1prion1cvelist1