Lucene search
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.MANAGEENGINE_OPMANAGER_CVE-2020-28653.NBINHistoryApr 02, 2021 - 12:00 a.m.
ManageEngine OpManager Smart Update Manager RCE
2021-04-0200:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
34
The OpManager running on the remote host is affected by an unauthenticated remote code execution vulnerability in the Smart Update Manager (SUM) servlet.
This plugin attempts to detect the issue by sending a serialized Java object to OpManager and looking for a TCP connection initiated from the remote host to the Nessus scanner. In some environments, the TCP SYN packet may not reach the scanner due to network controls. In this case, the plugin may not detect the issue.
Binary data manageengine_opmanager_cve-2020-28653.nbin| Vendor | Product | Version | CPE |
|---|---|---|---|
| zohocorp | manageengine_opmanager | cpe:/a:zohocorp:manageengine_opmanager |
Related
prion
prion
Remote code execution
2021-02-03 16:15:00
cve
cve
CVE-2020-28653
2021-02-03 16:15:00
cnvd
cnvd
ZOHO ManageEngine OpManager Remote Code Execution Vulnerability
2021-02-05 00:00:00
zdt
zdt
ManageEngine OpManager SumPDU Java Deserialization Exploit
2021-09-21 00:00:00
githubexploit
githubexploit
Exploit for Vulnerability in Oracle Mysql
2021-09-13 17:27:02
packetstorm
packetstorm
ManageEngine OpManager SumPDU Java Deserialization
2021-09-21 00:00:00
metasploit
metasploit
ManageEngine OpManager SumPDU Java Deserialization
2021-09-14 13:10:44
rapid7blog
rapid7blog
Metasploit Wrap-Up
2021-09-24 20:05:51
Related for MANAGEENGINE_OPMANAGER_CVE-2020-28653.NBIN