Lucene search

K
cve[email protected]CVE-2020-27733
HistoryJan 19, 2021 - 4:15 p.m.

CVE-2020-27733

2021-01-1916:15:12
CWE-89
web.nvd.nist.gov
24
4
cve-2020-27733
sql injection
zoho manageengine
applications manager
nvd

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.6%

Zoho ManageEngine Applications Manager before 14 build 14880 allows an authenticated SQL Injection via a crafted Alarmview request.

Affected configurations

NVD
Node
zohocorpmanageengine_applications_managerMatch14.0-
OR
zohocorpmanageengine_applications_managerMatch14.0build14000
OR
zohocorpmanageengine_applications_managerMatch14.0build14010
OR
zohocorpmanageengine_applications_managerMatch14.0build14020
OR
zohocorpmanageengine_applications_managerMatch14.0build14030
OR
zohocorpmanageengine_applications_managerMatch14.0build14040
OR
zohocorpmanageengine_applications_managerMatch14.0build14050
OR
zohocorpmanageengine_applications_managerMatch14.0build14060
OR
zohocorpmanageengine_applications_managerMatch14.0build14070
OR
zohocorpmanageengine_applications_managerMatch14.0build14071
OR
zohocorpmanageengine_applications_managerMatch14.0build14072
OR
zohocorpmanageengine_applications_managerMatch14.0build14073
OR
zohocorpmanageengine_applications_managerMatch14.0build14080
OR
zohocorpmanageengine_applications_managerMatch14.0build14090
OR
zohocorpmanageengine_applications_managerMatch14.0build14100
OR
zohocorpmanageengine_applications_managerMatch14.0build14110
OR
zohocorpmanageengine_applications_managerMatch14.0build14120
OR
zohocorpmanageengine_applications_managerMatch14.0build14130
OR
zohocorpmanageengine_applications_managerMatch14.0build14140
OR
zohocorpmanageengine_applications_managerMatch14.0build14150
OR
zohocorpmanageengine_applications_managerMatch14.0build14160
OR
zohocorpmanageengine_applications_managerMatch14.0build14170
OR
zohocorpmanageengine_applications_managerMatch14.0build14180
OR
zohocorpmanageengine_applications_managerMatch14.0build14190
OR
zohocorpmanageengine_applications_managerMatch14.0build14200
OR
zohocorpmanageengine_applications_managerMatch14.0build14210
OR
zohocorpmanageengine_applications_managerMatch14.0build14220
OR
zohocorpmanageengine_applications_managerMatch14.0build14230
OR
zohocorpmanageengine_applications_managerMatch14.0build14240
OR
zohocorpmanageengine_applications_managerMatch14.0build14250
OR
zohocorpmanageengine_applications_managerMatch14.0build14260
OR
zohocorpmanageengine_applications_managerMatch14.0build14261
OR
zohocorpmanageengine_applications_managerMatch14.0build14262
OR
zohocorpmanageengine_applications_managerMatch14.0build14270
OR
zohocorpmanageengine_applications_managerMatch14.0build14280
OR
zohocorpmanageengine_applications_managerMatch14.0build14290
OR
zohocorpmanageengine_applications_managerMatch14.0build14300
OR
zohocorpmanageengine_applications_managerMatch14.0build14310
OR
zohocorpmanageengine_applications_managerMatch14.0build14330
OR
zohocorpmanageengine_applications_managerMatch14.0build14331
OR
zohocorpmanageengine_applications_managerMatch14.0build14332
OR
zohocorpmanageengine_applications_managerMatch14.0build14340
OR
zohocorpmanageengine_applications_managerMatch14.0build14350
OR
zohocorpmanageengine_applications_managerMatch14.0build14360
OR
zohocorpmanageengine_applications_managerMatch14.0build14361
OR
zohocorpmanageengine_applications_managerMatch14.0build14370
OR
zohocorpmanageengine_applications_managerMatch14.0build14380
OR
zohocorpmanageengine_applications_managerMatch14.0build14390
OR
zohocorpmanageengine_applications_managerMatch14.0build14400
OR
zohocorpmanageengine_applications_managerMatch14.0build14401
OR
zohocorpmanageengine_applications_managerMatch14.0build14410
OR
zohocorpmanageengine_applications_managerMatch14.0build14420
OR
zohocorpmanageengine_applications_managerMatch14.0build14430
OR
zohocorpmanageengine_applications_managerMatch14.0build14440
OR
zohocorpmanageengine_applications_managerMatch14.0build14450
OR
zohocorpmanageengine_applications_managerMatch14.0build14460
OR
zohocorpmanageengine_applications_managerMatch14.0build14470
OR
zohocorpmanageengine_applications_managerMatch14.0build14480
OR
zohocorpmanageengine_applications_managerMatch14.0build14490
OR
zohocorpmanageengine_applications_managerMatch14.0build14500
OR
zohocorpmanageengine_applications_managerMatch14.0build14510
OR
zohocorpmanageengine_applications_managerMatch14.0build14520
OR
zohocorpmanageengine_applications_managerMatch14.0build14530
OR
zohocorpmanageengine_applications_managerMatch14.0build14531
OR
zohocorpmanageengine_applications_managerMatch14.0build14532
OR
zohocorpmanageengine_applications_managerMatch14.0build14533
OR
zohocorpmanageengine_applications_managerMatch14.0build14540
OR
zohocorpmanageengine_applications_managerMatch14.0build14550
OR
zohocorpmanageengine_applications_managerMatch14.0build14560
OR
zohocorpmanageengine_applications_managerMatch14.0build14570
OR
zohocorpmanageengine_applications_managerMatch14.0build14580
OR
zohocorpmanageengine_applications_managerMatch14.0build14590
OR
zohocorpmanageengine_applications_managerMatch14.0build14600
OR
zohocorpmanageengine_applications_managerMatch14.0build14610
OR
zohocorpmanageengine_applications_managerMatch14.0build14620
OR
zohocorpmanageengine_applications_managerMatch14.0build14630
OR
zohocorpmanageengine_applications_managerMatch14.0build14660
OR
zohocorpmanageengine_applications_managerMatch14.0build14670
OR
zohocorpmanageengine_applications_managerMatch14.0build14681
OR
zohocorpmanageengine_applications_managerMatch14.0build14682
OR
zohocorpmanageengine_applications_managerMatch14.0build14683
OR
zohocorpmanageengine_applications_managerMatch14.0build14684
OR
zohocorpmanageengine_applications_managerMatch14.0build14685
OR
zohocorpmanageengine_applications_managerMatch14.0build14690
OR
zohocorpmanageengine_applications_managerMatch14.0build14700
OR
zohocorpmanageengine_applications_managerMatch14.0build14710
OR
zohocorpmanageengine_applications_managerMatch14.0build14720
OR
zohocorpmanageengine_applications_managerMatch14.0build14730
OR
zohocorpmanageengine_applications_managerMatch14.0build14740
OR
zohocorpmanageengine_applications_managerMatch14.0build14750
OR
zohocorpmanageengine_applications_managerMatch14.0build14760
OR
zohocorpmanageengine_applications_managerMatch14.0build14770
OR
zohocorpmanageengine_applications_managerMatch14.0build14780
OR
zohocorpmanageengine_applications_managerMatch14.0build14781
OR
zohocorpmanageengine_applications_managerMatch14.0build14790
OR
zohocorpmanageengine_applications_managerMatch14.0build14800
OR
zohocorpmanageengine_applications_managerMatch14.0build14811
OR
zohocorpmanageengine_applications_managerMatch14.0build14820
OR
zohocorpmanageengine_applications_managerMatch14.0build14830
OR
zohocorpmanageengine_applications_managerMatch14.0build14840
OR
zohocorpmanageengine_applications_managerMatch14.0build14841
OR
zohocorpmanageengine_applications_managerMatch14.0build14842
OR
zohocorpmanageengine_applications_managerMatch14.0build14843
OR
zohocorpmanageengine_applications_managerMatch14.0build14850
OR
zohocorpmanageengine_applications_managerMatch14.0build14860
OR
zohocorpmanageengine_applications_managerMatch14.0build14870

Social References

More

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.6%

Related for CVE-2020-27733