Lucene search
K

72 matches found

NVD
NVD
added 2021/11/01 9:15 p.m.24 views

CVE-2021-20136

ManageEngine Log360 Builds 5235 are affected by an improper access control vulnerability allowing database configuration overwrite. An unauthenticated remote attacker can send a specially crafted message to Log360 to change its backend database to an attacker-controlled database and to force Log3...

9.8CVSS0.10453EPSS
Exploits1References1
OSV
OSV
added 2021/11/01 9:15 p.m.5 views

CVE-2021-20136

ManageEngine Log360 Builds 5235 are affected by an improper access control vulnerability allowing database configuration overwrite. An unauthenticated remote attacker can send a specially crafted message to Log360 to change its backend database to an attacker-controlled database and to force Log3...

9.8CVSS6.4AI score0.10453EPSS
Exploits1References1
Prion
Prion
added 2021/11/01 9:15 p.m.24 views

Improper access control

ManageEngine Log360 Builds 5235 are affected by an improper access control vulnerability allowing database configuration overwrite. An unauthenticated remote attacker can send a specially crafted message to Log360 to change its backend database to an attacker-controlled database and to force Log3...

7.5CVSS9.6AI score0.10453EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/11/01 8:55 p.m.28 views

CVE-2021-20136

ManageEngine Log360 Builds 5235 are affected by an improper access control vulnerability allowing database configuration overwrite. An unauthenticated remote attacker can send a specially crafted message to Log360 to change its backend database to an attacker-controlled database and to force Log3...

9.9AI score0.10453EPSS
Exploits1References1
CVE
CVE
added 2021/11/01 8:55 p.m.69 views

CVE-2021-20136

CVE-2021-20136 affects ManageEngine Log360 builds before 5235. The flaw is an improper access control that lets an unauthenticated attacker send crafted messages to overwrite the backend database configuration and force Log360 to restart. This can enable remote code execution by replacing startup...

9.8CVSS9.7AI score0.10453EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/11/01 12:0 a.m.4 views

ZOHO ManageEngine Log360 访问控制错误漏洞

ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity, and comply with regulatory requirements.ZOHO ManageEngi...

9.8CVSS6.1AI score0.10453EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/09/24 12:0 a.m.22 views

ManageEngine Log360 Detection

Binary data manageenginelog360detect.nbin...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/09/24 12:0 a.m.264 views

ManageEngine Log360 < Build 5229 REST API Restriction Bypass RCE

Binary data manageenginelog360cve-2021-40539.nbin...

9.8CVSS9.8AI score0.9896EPSS
Exploits8References2
CNVD
CNVD
added 2021/08/31 12:0 a.m.14 views

ZOHO ManageEngine Log360 Cross-Site Scripting Vulnerability (CNVD-2021-67511)

ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity, and comply with regulatory requirements.A cross-site...

6.1CVSS1.8AI score0.00821EPSS
Exploits0References1
CNVD
CNVD
added 2021/08/31 12:0 a.m.21 views

ZOHO ManageEngine Log360 code issue vulnerability

ZzOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity, and comply with regulatory requirements.A code issue...

9.8CVSS2.3AI score0.04603EPSS
Exploits0References1
CNVD
CNVD
added 2021/08/31 12:0 a.m.19 views

ZOHO ManageEngine Log360 Cross-Site Scripting Vulnerability

ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. A cross-site scripting vulnerability exists in ZOHO ManageEngine Log360, which stems from the product's failure to validate user data. An attacker could execute client-side...

6.1CVSS3AI score0.00821EPSS
Exploits0References1
CNVD
CNVD
added 2021/08/31 12:0 a.m.18 views

ZOHO ManageEngine Log360 Input Validation Error Vulnerability

ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity, and comply with regulatory requirements.An input...

9.8CVSS2.2AI score0.07013EPSS
Exploits0References1
CNVD
CNVD
added 2021/08/31 12:0 a.m.17 views

ZOHO ManageEngine Log360 Code Injection Vulnerability

ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity and comply with regulatory requirements.A code injection...

8.8CVSS2AI score0.00994EPSS
Exploits0References1
NVD
NVD
added 2021/08/29 8:15 p.m.23 views

CVE-2021-40177

Zoho ManageEngine Log360 before Build 5225 allows remote code execution via BCP file overwrite...

9.8CVSS0.04603EPSS
Exploits0References1
OSV
OSV
added 2021/08/29 8:15 p.m.4 views

CVE-2021-40178

Zoho ManageEngine Log360 before Build 5224 allows stored XSS via the LOGOPATH key value in the logon settings...

6.1CVSS6.4AI score0.00821EPSS
Exploits0References1
OSV
OSV
added 2021/08/29 8:15 p.m.5 views

CVE-2021-40177

Zoho ManageEngine Log360 before Build 5225 allows remote code execution via BCP file overwrite...

9.8CVSS6.3AI score0.04603EPSS
Exploits0References1
OSV
OSV
added 2021/08/29 8:15 p.m.7 views

CVE-2021-40176

Zoho ManageEngine Log360 before Build 5225 allows stored XSS...

6.1CVSS6.4AI score0.00821EPSS
Exploits0References1
NVD
NVD
added 2021/08/29 8:15 p.m.17 views

CVE-2021-40174

Zoho ManageEngine Log360 before Build 5224 allows a CSRF attack for disabling the logon security settings...

8.8CVSS0.00994EPSS
Exploits0References1
OSV
OSV
added 2021/08/29 8:15 p.m.3 views

CVE-2021-40174

Zoho ManageEngine Log360 before Build 5224 allows a CSRF attack for disabling the logon security settings...

8.8CVSS7.3AI score0.00994EPSS
Exploits0References1
NVD
NVD
added 2021/08/29 8:15 p.m.22 views

CVE-2021-40176

Zoho ManageEngine Log360 before Build 5225 allows stored XSS...

6.1CVSS0.00821EPSS
Exploits0References1
Rows per page
Query Builder