Lucene search

[email protected]NVD:CVE-2018-5353

HistorySep 30, 2020 - 6:15 p.m.

CVE-2018-5353

2020-09-3018:15:15

CWE-290

[email protected]

web.nvd.nist.gov

zoho manageengine

adselfservice plus

remote attackers

code execution

privilege escalation

spoofing

browser

authentication

winlogon.exe

process

network level authentication

rdp

misconfigured certificate

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.036

Percentile

91.7%

JSON

The custom GINA/CP module in Zoho ManageEngine ADSelfService Plus before 5.5 build 5517 allows remote attackers to execute code and escalate privileges via spoofing. It does not authenticate the intended server before opening a browser window. An unauthenticated attacker capable of conducting a spoofing attack can redirect the browser to gain execution in the context of the WinLogon.exe process. If Network Level Authentication is not enforced, the vulnerability can be exploited via RDP. Additionally, if the web server has a misconfigured certificate then no spoofing attack is required

Affected configurations

Nvd

Node

zohocorpmanageengine_adselfservice_plusRange<5.5

zohocorpmanageengine_adselfservice_plusMatch5.5-

zohocorpmanageengine_adselfservice_plusMatch5.55500

zohocorpmanageengine_adselfservice_plusMatch5.55501

zohocorpmanageengine_adselfservice_plusMatch5.55502

zohocorpmanageengine_adselfservice_plusMatch5.55503

zohocorpmanageengine_adselfservice_plusMatch5.55504

zohocorpmanageengine_adselfservice_plusMatch5.55505

zohocorpmanageengine_adselfservice_plusMatch5.55506

zohocorpmanageengine_adselfservice_plusMatch5.55507

zohocorpmanageengine_adselfservice_plusMatch5.55508

zohocorpmanageengine_adselfservice_plusMatch5.55509

zohocorpmanageengine_adselfservice_plusMatch5.55510

zohocorpmanageengine_adselfservice_plusMatch5.55511

zohocorpmanageengine_adselfservice_plusMatch5.55512

zohocorpmanageengine_adselfservice_plusMatch5.55513

zohocorpmanageengine_adselfservice_plusMatch5.55514

zohocorpmanageengine_adselfservice_plusMatch5.55515

zohocorpmanageengine_adselfservice_plusMatch5.55516

VendorProductVersionCPE
zohocorpmanageengine_adselfservice_plus*cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:*:*:*:*:*:*:*:*
zohocorpmanageengine_adselfservice_plus5.5cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:-:*:*:*:*:*:*
zohocorpmanageengine_adselfservice_plus5.5cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5500:*:*:*:*:*:*
zohocorpmanageengine_adselfservice_plus5.5cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5501:*:*:*:*:*:*
zohocorpmanageengine_adselfservice_plus5.5cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5502:*:*:*:*:*:*
zohocorpmanageengine_adselfservice_plus5.5cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5503:*:*:*:*:*:*
zohocorpmanageengine_adselfservice_plus5.5cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5504:*:*:*:*:*:*
zohocorpmanageengine_adselfservice_plus5.5cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5505:*:*:*:*:*:*
zohocorpmanageengine_adselfservice_plus5.5cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5506:*:*:*:*:*:*
zohocorpmanageengine_adselfservice_plus5.5cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5507:*:*:*:*:*:*

Vendor	Product	Version	CPE
zohocorp	manageengine_adselfservice_plus	*	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus::::::::
zohocorp	manageengine_adselfservice_plus	5.5	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:-::::::
zohocorp	manageengine_adselfservice_plus	5.5	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5500::::::
zohocorp	manageengine_adselfservice_plus	5.5	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5501::::::
zohocorp	manageengine_adselfservice_plus	5.5	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5502::::::
zohocorp	manageengine_adselfservice_plus	5.5	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5503::::::
zohocorp	manageengine_adselfservice_plus	5.5	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5504::::::
zohocorp	manageengine_adselfservice_plus	5.5	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5505::::::
zohocorp	manageengine_adselfservice_plus	5.5	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5506::::::
zohocorp	manageengine_adselfservice_plus	5.5	cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5507::::::

Rows per page:

1-10 of 191

References

zoho.com

github.com/missing0x00/CVE-2018-5353

www.manageengine.com/products/self-service-password/release-notes.html

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.036

Percentile

91.7%

JSON

Related for NVD:CVE-2018-5353

cvelist1 prion1 cve1