Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2020-28679
HistoryJan 10, 2022 - 6:15 p.m.

CVE-2020-28679

2022-01-1018:15:07
CWE-89
[email protected]
web.nvd.nist.gov
20
cve-2020-28679
vulnerability
zoho
manageengine
applications manager
sql injection
nvd

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

41.1%

JSON

A vulnerability in the showReports module of Zoho ManageEngine Applications Manager before build 14550 allows authenticated attackers to execute a SQL injection via a crafted request.

Affected configurations

NVD
Node
zohocorpmanageengine_applications_managerMatch11.0build11010
OR
zohocorpmanageengine_applications_managerMatch11.0build11020
OR
zohocorpmanageengine_applications_managerMatch11.0build11030
OR
zohocorpmanageengine_applications_managerMatch11.0build11040
OR
zohocorpmanageengine_applications_managerMatch11.0build11100
OR
zohocorpmanageengine_applications_managerMatch11.1build11110
OR
zohocorpmanageengine_applications_managerMatch11.2build11200
OR
zohocorpmanageengine_applications_managerMatch11.2build11210
OR
zohocorpmanageengine_applications_managerMatch11.2build11220
OR
zohocorpmanageengine_applications_managerMatch11.3build11300
OR
zohocorpmanageengine_applications_managerMatch11.4build11410
OR
zohocorpmanageengine_applications_managerMatch11.5build11520
OR
zohocorpmanageengine_applications_managerMatch11.6build11610
OR
zohocorpmanageengine_applications_managerMatch11.7build11700
OR
zohocorpmanageengine_applications_managerMatch11.8build11800
OR
zohocorpmanageengine_applications_managerMatch11.9build11900
OR
zohocorpmanageengine_applications_managerMatch11.9build11912
OR
zohocorpmanageengine_applications_managerMatch12.0build12000
OR
zohocorpmanageengine_applications_managerMatch12.0build12010
OR
zohocorpmanageengine_applications_managerMatch12.0build12020
OR
zohocorpmanageengine_applications_managerMatch12.1build12100
OR
zohocorpmanageengine_applications_managerMatch12.1build12120
OR
zohocorpmanageengine_applications_managerMatch12.2build12200
OR
zohocorpmanageengine_applications_managerMatch12.2build12210
OR
zohocorpmanageengine_applications_managerMatch12.3build12300
OR
zohocorpmanageengine_applications_managerMatch12.5build12500
OR
zohocorpmanageengine_applications_managerMatch12.6build12600
OR
zohocorpmanageengine_applications_managerMatch12.7build12700
OR
zohocorpmanageengine_applications_managerMatch12.7build12710
OR
zohocorpmanageengine_applications_managerMatch12.8build12810
OR
zohocorpmanageengine_applications_managerMatch12.9build12900
OR
zohocorpmanageengine_applications_managerMatch13.0build13000
OR
zohocorpmanageengine_applications_managerMatch13.1build13100
OR
zohocorpmanageengine_applications_managerMatch13.2build13200
OR
zohocorpmanageengine_applications_managerMatch13.2build13210
OR
zohocorpmanageengine_applications_managerMatch13.3build13300
OR
zohocorpmanageengine_applications_managerMatch13.4build13400
OR
zohocorpmanageengine_applications_managerMatch13.4build13410
OR
zohocorpmanageengine_applications_managerMatch13.4build13420
OR
zohocorpmanageengine_applications_managerMatch13.4build13430
OR
zohocorpmanageengine_applications_managerMatch13.4build13440
OR
zohocorpmanageengine_applications_managerMatch13.4build13450
OR
zohocorpmanageengine_applications_managerMatch13.5build13500
OR
zohocorpmanageengine_applications_managerMatch13.5build13510
OR
zohocorpmanageengine_applications_managerMatch13.5build13520
OR
zohocorpmanageengine_applications_managerMatch13.5build13530
OR
zohocorpmanageengine_applications_managerMatch13.5build13540
OR
zohocorpmanageengine_applications_managerMatch13.5build13550
OR
zohocorpmanageengine_applications_managerMatch13.5build13560
OR
zohocorpmanageengine_applications_managerMatch13.5build13570
OR
zohocorpmanageengine_applications_managerMatch13.5build13580
OR
zohocorpmanageengine_applications_managerMatch13.5build13590
OR
zohocorpmanageengine_applications_managerMatch13.5build13591
OR
zohocorpmanageengine_applications_managerMatch13.6build13600
OR
zohocorpmanageengine_applications_managerMatch13.6build13610
OR
zohocorpmanageengine_applications_managerMatch13.6build13620
OR
zohocorpmanageengine_applications_managerMatch13.6build13630
OR
zohocorpmanageengine_applications_managerMatch13.6build13640
OR
zohocorpmanageengine_applications_managerMatch13.6build13650
OR
zohocorpmanageengine_applications_managerMatch13.6build13660
OR
zohocorpmanageengine_applications_managerMatch13.6build13670
OR
zohocorpmanageengine_applications_managerMatch13.6build13680
OR
zohocorpmanageengine_applications_managerMatch13.6build13690
OR
zohocorpmanageengine_applications_managerMatch13.7build13700
OR
zohocorpmanageengine_applications_managerMatch13.7build13710
OR
zohocorpmanageengine_applications_managerMatch13.7build13720
OR
zohocorpmanageengine_applications_managerMatch13.7build13730
OR
zohocorpmanageengine_applications_managerMatch13.7build13740
OR
zohocorpmanageengine_applications_managerMatch13.7build13750
OR
zohocorpmanageengine_applications_managerMatch13.7build13760
OR
zohocorpmanageengine_applications_managerMatch13.7build13770
OR
zohocorpmanageengine_applications_managerMatch13.7build13780
OR
zohocorpmanageengine_applications_managerMatch13.7build13790
OR
zohocorpmanageengine_applications_managerMatch13.8build13800
OR
zohocorpmanageengine_applications_managerMatch13.8build13810
OR
zohocorpmanageengine_applications_managerMatch13.8build13820
OR
zohocorpmanageengine_applications_managerMatch13.8build13830
OR
zohocorpmanageengine_applications_managerMatch13.8build13831
OR
zohocorpmanageengine_applications_managerMatch13.8build13840
OR
zohocorpmanageengine_applications_managerMatch13.8build13850
OR
zohocorpmanageengine_applications_managerMatch13.8build13860
OR
zohocorpmanageengine_applications_managerMatch13.8build13870
OR
zohocorpmanageengine_applications_managerMatch13.8build13880
OR
zohocorpmanageengine_applications_managerMatch13.8build13890
OR
zohocorpmanageengine_applications_managerMatch13.9build13900
OR
zohocorpmanageengine_applications_managerMatch13.9build13910
OR
zohocorpmanageengine_applications_managerMatch13.9build13920
OR
zohocorpmanageengine_applications_managerMatch13.9build13930
OR
zohocorpmanageengine_applications_managerMatch13.9build13940
OR
zohocorpmanageengine_applications_managerMatch13.9build13950
OR
zohocorpmanageengine_applications_managerMatch13.9build13960
OR
zohocorpmanageengine_applications_managerMatch13.9build13970
OR
zohocorpmanageengine_applications_managerMatch13.9build13980
OR
zohocorpmanageengine_applications_managerMatch13.9build13990
OR
zohocorpmanageengine_applications_managerMatch14.0build14000
OR
zohocorpmanageengine_applications_managerMatch14.0build14010
OR
zohocorpmanageengine_applications_managerMatch14.0build14020
OR
zohocorpmanageengine_applications_managerMatch14.0build14030
OR
zohocorpmanageengine_applications_managerMatch14.0build14040
OR
zohocorpmanageengine_applications_managerMatch14.0build14050
OR
zohocorpmanageengine_applications_managerMatch14.0build14060
OR
zohocorpmanageengine_applications_managerMatch14.0build14070
OR
zohocorpmanageengine_applications_managerMatch14.0build14071
OR
zohocorpmanageengine_applications_managerMatch14.0build14072
OR
zohocorpmanageengine_applications_managerMatch14.0build14073
OR
zohocorpmanageengine_applications_managerMatch14.0build14080
OR
zohocorpmanageengine_applications_managerMatch14.0build14090
OR
zohocorpmanageengine_applications_managerMatch14.1build14100
OR
zohocorpmanageengine_applications_managerMatch14.1build14110
OR
zohocorpmanageengine_applications_managerMatch14.1build14120
OR
zohocorpmanageengine_applications_managerMatch14.1build14130
OR
zohocorpmanageengine_applications_managerMatch14.1build14140
OR
zohocorpmanageengine_applications_managerMatch14.1build14150
OR
zohocorpmanageengine_applications_managerMatch14.1build14160
OR
zohocorpmanageengine_applications_managerMatch14.1build14170
OR
zohocorpmanageengine_applications_managerMatch14.1build14180
OR
zohocorpmanageengine_applications_managerMatch14.1build14190
OR
zohocorpmanageengine_applications_managerMatch14.2build14200
OR
zohocorpmanageengine_applications_managerMatch14.2build14210
OR
zohocorpmanageengine_applications_managerMatch14.2build14220
OR
zohocorpmanageengine_applications_managerMatch14.2build14230
OR
zohocorpmanageengine_applications_managerMatch14.2build14240
OR
zohocorpmanageengine_applications_managerMatch14.2build14250
OR
zohocorpmanageengine_applications_managerMatch14.2build14260
OR
zohocorpmanageengine_applications_managerMatch14.2build14261
OR
zohocorpmanageengine_applications_managerMatch14.2build14262
OR
zohocorpmanageengine_applications_managerMatch14.2build14270
OR
zohocorpmanageengine_applications_managerMatch14.2build14280
OR
zohocorpmanageengine_applications_managerMatch14.2build14290
OR
zohocorpmanageengine_applications_managerMatch14.3build14300
OR
zohocorpmanageengine_applications_managerMatch14.3build14310
OR
zohocorpmanageengine_applications_managerMatch14.3build14330
OR
zohocorpmanageengine_applications_managerMatch14.3build14331
OR
zohocorpmanageengine_applications_managerMatch14.3build14332
OR
zohocorpmanageengine_applications_managerMatch14.3build14340
OR
zohocorpmanageengine_applications_managerMatch14.3build14350
OR
zohocorpmanageengine_applications_managerMatch14.3build14360
OR
zohocorpmanageengine_applications_managerMatch14.3build14361
OR
zohocorpmanageengine_applications_managerMatch14.3build14370
OR
zohocorpmanageengine_applications_managerMatch14.3build14380
OR
zohocorpmanageengine_applications_managerMatch14.3build14390
OR
zohocorpmanageengine_applications_managerMatch14.4build14400
OR
zohocorpmanageengine_applications_managerMatch14.4build14401
OR
zohocorpmanageengine_applications_managerMatch14.4build14410
OR
zohocorpmanageengine_applications_managerMatch14.4build14420
OR
zohocorpmanageengine_applications_managerMatch14.4build14430
OR
zohocorpmanageengine_applications_managerMatch14.4build14440
OR
zohocorpmanageengine_applications_managerMatch14.4build14450
OR
zohocorpmanageengine_applications_managerMatch14.4build14460
OR
zohocorpmanageengine_applications_managerMatch14.4build14470
OR
zohocorpmanageengine_applications_managerMatch14.4build14480
OR
zohocorpmanageengine_applications_managerMatch14.4build14490
OR
zohocorpmanageengine_applications_managerMatch14.5build14500
OR
zohocorpmanageengine_applications_managerMatch14.5build14510
OR
zohocorpmanageengine_applications_managerMatch14.5build14520
OR
zohocorpmanageengine_applications_managerMatch14.5build14530
OR
zohocorpmanageengine_applications_managerMatch14.5build14540
CPENameOperatorVersion
zohocorp:manageengine_applications_managerzohocorp manageengine applications managereq11.0
zohocorp:manageengine_applications_managerzohocorp manageengine applications managereq11.1
zohocorp:manageengine_applications_managerzohocorp manageengine applications managereq11.2
zohocorp:manageengine_applications_managerzohocorp manageengine applications managereq11.3
zohocorp:manageengine_applications_managerzohocorp manageengine applications managereq11.4
zohocorp:manageengine_applications_managerzohocorp manageengine applications managereq11.5
zohocorp:manageengine_applications_managerzohocorp manageengine applications managereq11.6
zohocorp:manageengine_applications_managerzohocorp manageengine applications managereq11.7
zohocorp:manageengine_applications_managerzohocorp manageengine applications managereq11.8
zohocorp:manageengine_applications_managerzohocorp manageengine applications managereq11.9
Rows per page:
1-10 of 351

Related

prion 1
cvelist 1
cnvd 1
nvd 1
prion
prion
Sql injection
2022-01-10 18:15:00
cvelist
cvelist
CVE-2020-28679
2022-01-10 17:47:37
cnvd
cnvd
Zoho ManageEngine Applications Manager SQL Injection Vulnerability
2022-01-21 00:00:00
nvd
nvd
CVE-2020-28679
2022-01-10 18:15:07

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

41.1%

JSON
Related for CVE-2020-28679
prion1cvelist1cnvd1nvd1