Lucene search
HistoryDec 04, 2014 - 5:59 p.m.
CVE-2014-6035
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.1
Confidence
Low
EPSS
0.946
Percentile
99.2%
Directory traversal vulnerability in the FileCollector servlet in ZOHO ManageEngine OpManager 11.4, 11.3, and earlier allows remote attackers to write and execute arbitrary files via a … (dot dot) in the FILENAME parameter.
Affected configurations
Node
zohocorpmanageengine_opmanagerRange≤11.3
ORzohocorpmanageengine_opmanagerMatch11.4
Related
dsquare
dsquare
ManageEngine OpManager FileCollector Servlet File Upload
2014-11-30 00:00:00
zdi
zdi
cvelist
cvelist
CVE-2014-6035
2014-12-04 17:00:00
prion
prion
Directory traversal
2014-12-04 17:59:00
checkpoint_advisories
checkpoint_advisories
cve
cve
CVE-2014-6035
2014-12-04 17:59:03
openvas
openvas
ManageEngine OpManager Multiple Vulnerabilities (Nov 2014) - Active Check
2014-11-24 00:00:00
packetstorm
packetstorm
ManageEngine Code Execution / File Deletion
2014-09-29 00:00:00
nessus
nessus
ManageEngine OpManager Multiple Directory Traversal Vulnerabilities
2015-02-16 00:00:00
securityvulns
securityvulns
exploitpack
exploitpack
ManageEngine OpManager Social IT Plus IT360 - Multiple Vulnerabilities
2014-11-09 00:00:00
zdt
zdt
ManageEngine OpManager / Social IT Plus / IT360 - Multiple Vulnerabilities
2018-01-26 00:00:00
exploitdb
exploitdb
ManageEngine OpManager / Social IT Plus / IT360 - Multiple Vulnerabilities
2014-11-09 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.1
Confidence
Low
EPSS
0.946
Percentile
99.2%
Related for NVD:CVE-2014-6035