Lucene search
K

5 matches found

Check Point Advisories
Check Point Advisories
added 2019/02/20 12:0 a.m.4 views

Zoho ManageEngine OpManager SQL Injection (CVE-2018-17823; CVE-2018-17283)

An SQL injection vulnerability exists in ManageEngine. This vulnerability is due to insufficient validation of the name parameter when processing requests sent. Successful exploitation could lead to arbitrary SQL code execution in the security context of database service...

5CVSS3.5AI score0.66347EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2018/12/04 12:0 a.m.3 views

Zoho ManageEngine OpManager oputilsServlet Authentication Bypass (CVE-2018-17283)

An authentication bypass vulnerability exists in ManageEngine OpManager. The vulnerability is due to lack of access control of /oputilsServlet?action=getAPIKey method...

5CVSS3.4AI score0.66347EPSS
Exploits1
NVD
NVD
added 2018/09/21 3:29 a.m.12 views

CVE-2018-17283

Zoho ManageEngine OpManager before 12.3 Build 123196 does not require authentication for /oputilsServlet requests, as demonstrated by a /oputilsServlet?action=getAPIKey request that can be leveraged against Firewall Analyzer to add an admin user via /api/json/v2/admin/addUser or conduct a SQL...

7.5CVSS8AI score0.66347EPSS
Exploits1References2
Cvelist
Cvelist
added 2018/09/21 3:0 a.m.18 views

CVE-2018-17283

Zoho ManageEngine OpManager before 12.3 Build 123196 does not require authentication for /oputilsServlet requests, as demonstrated by a /oputilsServlet?action=getAPIKey request that can be leveraged against Firewall Analyzer to add an admin user via /api/json/v2/admin/addUser or conduct a SQL...

8AI score0.66347EPSS
Exploits1References2
CVE
CVE
added 2018/09/21 3:0 a.m.85 views

CVE-2018-17283

Zoho ManageEngine OpManager before 12.3 Build 123196 is affected by an authentication bypass in /oputilsServlet and can be leveraged for SQL injection via /api/json/device/setManaged name parameter or to add an admin user via /api/json/v2/admin/addUser. The vulnerability arises from lack of acces...

7.5CVSS8AI score0.66347EPSS
In wildExploits1References2Affected Software1
Rows per page
Query Builder