Lucene search
K

4 matches found

NVD
NVD
added 2018/06/06 3:29 a.m.18 views

CVE-2018-11808

Incorrect Access Control in CustomFieldsFeedServlet in Zoho ManageEngine Applications Manager Version 13 before build 13740 allows an attacker to delete any file and read certain files on the server in the context of the user which by default is "NT AUTHORITY / SYSTEM" by sending a specially...

10CVSS9.1AI score0.06417EPSS
Exploits0References4
OSV
OSV
added 2018/06/06 3:29 a.m.4 views

CVE-2018-11808

Incorrect Access Control in CustomFieldsFeedServlet in Zoho ManageEngine Applications Manager Version 13 before build 13740 allows an attacker to delete any file and read certain files on the server in the context of the user which by default is "NT AUTHORITY / SYSTEM" by sending a specially...

9.1CVSS5.8AI score0.06417EPSS
Exploits0References4
Cvelist
Cvelist
added 2018/06/06 3:0 a.m.19 views

CVE-2018-11808

Incorrect Access Control in CustomFieldsFeedServlet in Zoho ManageEngine Applications Manager Version 13 before build 13740 allows an attacker to delete any file and read certain files on the server in the context of the user which by default is "NT AUTHORITY / SYSTEM" by sending a specially...

9.1AI score0.06417EPSS
Exploits0References4
CVE
CVE
added 2018/06/06 3:0 a.m.46 views

CVE-2018-11808

CVE-2018-11808 affects Zoho ManageEngine Applications Manager 13 before build 13740, where the CustomFieldsFeedServlet has improper access control. An attacker can remotely craft a request to delete arbitrary files and read certain files on the server, running in the context of the default user N...

10CVSS8.9AI score0.06417EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder