Lucene search
0fc0942c-577d-436f-ae8e-945763c79b02NVD:CVE-2024-27311HistoryJul 17, 2024 - 11:15 a.m.
CVE-2024-27311
2024-07-1711:15:09
CWE-434
0fc0942c-577d-436f-ae8e-945763c79b02
web.nvd.nist.gov
6
zohocorp
manageengine
ddi central
directory traversal
vulnerability
file upload
server folder
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
51.3%
Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to directory traversal vulnerability which allows the user to upload new files to the server folder.
Affected configurations
Node
zohocorpmanageengine_ddi_centralRange<4002
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zohocorp | manageengine_ddi_central | * | cpe:2.3:a:zohocorp:manageengine_ddi_central:*:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2024-27311
2024-07-17 11:15:09
cvelist
cvelist
CVE-2024-27311 Arbitrary file writing
2024-07-17 10:52:45
vulnrichment
vulnrichment
CVE-2024-27311 Arbitrary file writing
2024-07-17 10:52:45
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
51.3%
Related for NVD:CVE-2024-27311