Lucene search

[email protected]CVE-2020-27733

HistoryJan 19, 2021 - 4:15 p.m.

CVE-2020-27733

2021-01-1916:15:12

CWE-89

[email protected]

web.nvd.nist.gov

cve-2020-27733

sql injection

zoho manageengine

applications manager

nvd

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.6%

JSON

Zoho ManageEngine Applications Manager before 14 build 14880 allows an authenticated SQL Injection via a crafted Alarmview request.

Affected configurations

NVD

Node

zohocorpmanageengine_applications_managerMatch14.0-

zohocorpmanageengine_applications_managerMatch14.0build14000

zohocorpmanageengine_applications_managerMatch14.0build14010

zohocorpmanageengine_applications_managerMatch14.0build14020

zohocorpmanageengine_applications_managerMatch14.0build14030

zohocorpmanageengine_applications_managerMatch14.0build14040

zohocorpmanageengine_applications_managerMatch14.0build14050

zohocorpmanageengine_applications_managerMatch14.0build14060

zohocorpmanageengine_applications_managerMatch14.0build14070

zohocorpmanageengine_applications_managerMatch14.0build14071

zohocorpmanageengine_applications_managerMatch14.0build14072

zohocorpmanageengine_applications_managerMatch14.0build14073

zohocorpmanageengine_applications_managerMatch14.0build14080

zohocorpmanageengine_applications_managerMatch14.0build14090

zohocorpmanageengine_applications_managerMatch14.0build14100

zohocorpmanageengine_applications_managerMatch14.0build14110

zohocorpmanageengine_applications_managerMatch14.0build14120

zohocorpmanageengine_applications_managerMatch14.0build14130

zohocorpmanageengine_applications_managerMatch14.0build14140

zohocorpmanageengine_applications_managerMatch14.0build14150

zohocorpmanageengine_applications_managerMatch14.0build14160

zohocorpmanageengine_applications_managerMatch14.0build14170

zohocorpmanageengine_applications_managerMatch14.0build14180

zohocorpmanageengine_applications_managerMatch14.0build14190

zohocorpmanageengine_applications_managerMatch14.0build14200

zohocorpmanageengine_applications_managerMatch14.0build14210

zohocorpmanageengine_applications_managerMatch14.0build14220

zohocorpmanageengine_applications_managerMatch14.0build14230

zohocorpmanageengine_applications_managerMatch14.0build14240

zohocorpmanageengine_applications_managerMatch14.0build14250

zohocorpmanageengine_applications_managerMatch14.0build14260

zohocorpmanageengine_applications_managerMatch14.0build14261

zohocorpmanageengine_applications_managerMatch14.0build14262

zohocorpmanageengine_applications_managerMatch14.0build14270

zohocorpmanageengine_applications_managerMatch14.0build14280

zohocorpmanageengine_applications_managerMatch14.0build14290

zohocorpmanageengine_applications_managerMatch14.0build14300

zohocorpmanageengine_applications_managerMatch14.0build14310

zohocorpmanageengine_applications_managerMatch14.0build14330

zohocorpmanageengine_applications_managerMatch14.0build14331

zohocorpmanageengine_applications_managerMatch14.0build14332

zohocorpmanageengine_applications_managerMatch14.0build14340

zohocorpmanageengine_applications_managerMatch14.0build14350

zohocorpmanageengine_applications_managerMatch14.0build14360

zohocorpmanageengine_applications_managerMatch14.0build14361

zohocorpmanageengine_applications_managerMatch14.0build14370

zohocorpmanageengine_applications_managerMatch14.0build14380

zohocorpmanageengine_applications_managerMatch14.0build14390

zohocorpmanageengine_applications_managerMatch14.0build14400

zohocorpmanageengine_applications_managerMatch14.0build14401

zohocorpmanageengine_applications_managerMatch14.0build14410

zohocorpmanageengine_applications_managerMatch14.0build14420

zohocorpmanageengine_applications_managerMatch14.0build14430

zohocorpmanageengine_applications_managerMatch14.0build14440

zohocorpmanageengine_applications_managerMatch14.0build14450

zohocorpmanageengine_applications_managerMatch14.0build14460

zohocorpmanageengine_applications_managerMatch14.0build14470

zohocorpmanageengine_applications_managerMatch14.0build14480

zohocorpmanageengine_applications_managerMatch14.0build14490

zohocorpmanageengine_applications_managerMatch14.0build14500

zohocorpmanageengine_applications_managerMatch14.0build14510

zohocorpmanageengine_applications_managerMatch14.0build14520

zohocorpmanageengine_applications_managerMatch14.0build14530

zohocorpmanageengine_applications_managerMatch14.0build14531

zohocorpmanageengine_applications_managerMatch14.0build14532

zohocorpmanageengine_applications_managerMatch14.0build14533

zohocorpmanageengine_applications_managerMatch14.0build14540

zohocorpmanageengine_applications_managerMatch14.0build14550

zohocorpmanageengine_applications_managerMatch14.0build14560

zohocorpmanageengine_applications_managerMatch14.0build14570

zohocorpmanageengine_applications_managerMatch14.0build14580

zohocorpmanageengine_applications_managerMatch14.0build14590

zohocorpmanageengine_applications_managerMatch14.0build14600

zohocorpmanageengine_applications_managerMatch14.0build14610

zohocorpmanageengine_applications_managerMatch14.0build14620

zohocorpmanageengine_applications_managerMatch14.0build14630

zohocorpmanageengine_applications_managerMatch14.0build14660

zohocorpmanageengine_applications_managerMatch14.0build14670

zohocorpmanageengine_applications_managerMatch14.0build14681

zohocorpmanageengine_applications_managerMatch14.0build14682

zohocorpmanageengine_applications_managerMatch14.0build14683

zohocorpmanageengine_applications_managerMatch14.0build14684

zohocorpmanageengine_applications_managerMatch14.0build14685

zohocorpmanageengine_applications_managerMatch14.0build14690

zohocorpmanageengine_applications_managerMatch14.0build14700

zohocorpmanageengine_applications_managerMatch14.0build14710

zohocorpmanageengine_applications_managerMatch14.0build14720

zohocorpmanageengine_applications_managerMatch14.0build14730

zohocorpmanageengine_applications_managerMatch14.0build14740

zohocorpmanageengine_applications_managerMatch14.0build14750

zohocorpmanageengine_applications_managerMatch14.0build14760

zohocorpmanageengine_applications_managerMatch14.0build14770

zohocorpmanageengine_applications_managerMatch14.0build14780

zohocorpmanageengine_applications_managerMatch14.0build14781

zohocorpmanageengine_applications_managerMatch14.0build14790

zohocorpmanageengine_applications_managerMatch14.0build14800

zohocorpmanageengine_applications_managerMatch14.0build14811

zohocorpmanageengine_applications_managerMatch14.0build14820

zohocorpmanageengine_applications_managerMatch14.0build14830

zohocorpmanageengine_applications_managerMatch14.0build14840

zohocorpmanageengine_applications_managerMatch14.0build14841

zohocorpmanageengine_applications_managerMatch14.0build14842

zohocorpmanageengine_applications_managerMatch14.0build14843

zohocorpmanageengine_applications_managerMatch14.0build14850

zohocorpmanageengine_applications_managerMatch14.0build14860

zohocorpmanageengine_applications_managerMatch14.0build14870

CPENameOperatorVersion
zohocorp:manageengine_applications_managerzohocorp manageengine applications managereq14.0

CPE	Name	Operator	Version
zohocorp:manageengine_applications_manager	zohocorp manageengine applications manager	eq	14.0

References

www.manageengine.com/products/applications_manager/issues.html#v14880

www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2020-27733.html

Social References

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.6%

JSON

Related for CVE-2020-27733

nvd1 cvelist1 prion1