Lucene search
K

203 matches found

Cvelist
Cvelist
added 2021/04/30 12:16 p.m.22 views

CVE-2021-28959

Zoho ManageEngine Eventlog Analyzer through 12147 is vulnerable to unauthenticated directory traversal via an entry in a ZIP archive. This leads to remote code execution...

10AI score0.16912EPSS
Exploits0References2
CVE
CVE
added 2021/04/30 12:16 p.m.43 views

CVE-2021-28959

CVE-2021-28959 affects Zoho ManageEngine Eventlog Analyzer up to version 12147. Multiple connected sources (Red Hat, CNVD, NVD, CVE records) confirm an unauthenticated directory traversal via a ZIP archive entry that leads to remote code execution. The issue is a server-side path traversal vulner...

9.8CVSS9.8AI score0.16912EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/04/30 12:0 a.m.7 views

Zoho ManageEngine Eventlog Analyzer 路径遍历漏洞

ZOHO ManageEngine EventLog Analyzer is a system and event log analysis software from ZOHO. A path traversal vulnerability exists in Zoho ManageEngine Eventlog Analyzer 12147 and earlier versions, which is caused by an unauthenticated directory traversal through a ZIP archive entry. An attacker...

9.8CVSS6.2AI score0.16912EPSS
Exploits0References3
NVD
NVD
added 2020/08/31 3:15 p.m.29 views

CVE-2020-24786

An issue was discovered in Zoho ManageEngine Exchange Reporter Plus before build number 5510, AD360 before build number 4228, ADSelfService Plus before build number 5817, DataSecurity Plus before build number 6033, RecoverManager Plus before build number 6017, EventLog Analyzer before build numbe...

10CVSS9.5AI score0.12822EPSS
Exploits0References12
Prion
Prion
added 2020/08/31 3:15 p.m.23 views

Authentication flaw

An issue was discovered in Zoho ManageEngine Exchange Reporter Plus before build number 5510, AD360 before build number 4228, ADSelfService Plus before build number 5817, DataSecurity Plus before build number 6033, RecoverManager Plus before build number 6017, EventLog Analyzer before build numbe...

10CVSS9.4AI score0.12822EPSS
Exploits0References12Affected Software11
CVE
CVE
added 2020/08/31 2:2 p.m.67 views

CVE-2020-24786

CVE-2020-24786 affects multiple ManageEngine products (Exchange Reporter Plus, AD360, ADSelfService Plus, DataSecurity Plus, RecoverManager Plus, EventLog Analyzer, ADAudit Plus, O365 Manager Plus, Cloud Security Plus, ADManager Plus, Log360) with a remotely accessible Java servlet (com.manageeng...

10CVSS9.4AI score0.12822EPSS
Exploits0References12Affected Software1
0day.today
0day.today
added 2020/02/24 12:0 a.m.106 views

ManageEngine EventLog Analyzer 10.0 - Information Disclosure Vulnerability

Exploit for java platform in category web applications Exploit Title: ManageEngine EventLog Analyzer 10.0 - Information Disclosure Author: Scott Goodwin Vendor: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/eventlog/ CVE: CVE-2019-19774 Vulnerability Name:...

4CVSS8.7AI score0.12517EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/02/24 12:0 a.m.214 views

ManageEngine EventLog Analyzer 10.0 - Information Disclosure

Exploit Title: ManageEngine EventLog Analyzer 10.0 - Information Disclosure Date: 2020-02-23 Author:Scott Goodwin Vendor: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/eventlog/ CVE: CVE-2019-19774 Vulnerability Name: Authenticated Information Disclosure in...

8.8CVSS8.8AI score0.12517EPSS
Exploits5
exploitpack
exploitpack
added 2020/02/24 12:0 a.m.110 views

ManageEngine EventLog Analyzer 10.0 - Information Disclosure

ManageEngine EventLog Analyzer 10.0 - Information Disclosure Exploit Title: ManageEngine EventLog Analyzer 10.0 - Information Disclosure Date: 2020-02-23 Author:Scott Goodwin Vendor: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/eventlog/ CVE: CVE-2019-19774...

4CVSS8.7AI score0.12517EPSS
Exploits5
NVD
NVD
added 2020/01/13 1:15 p.m.9 views

CVE-2014-6038

Zoho ManageEngine EventLog Analyzer versions 7 through 9.9 build 9002 have a database Information Disclosure Vulnerability. Fixed in EventLog Analyzer 10.0 Build 10000...

7.5CVSS7.3AI score0.72757EPSS
Exploits9References4
NVD
NVD
added 2020/01/13 1:15 p.m.13 views

CVE-2014-6039

ManageEngine EventLog Analyzer version 7 through 9.9 build 9002 has a Credentials Disclosure Vulnerability. Fixed version 10 Build 10000...

7.5CVSS7.5AI score0.68779EPSS
Exploits9References4
Prion
Prion
added 2020/01/13 1:15 p.m.12 views

Information disclosure

Zoho ManageEngine EventLog Analyzer versions 7 through 9.9 build 9002 have a database Information Disclosure Vulnerability. Fixed in EventLog Analyzer 10.0 Build 10000...

5CVSS6.7AI score0.72757EPSS
Exploits9References4Affected Software1
Prion
Prion
added 2020/01/13 1:15 p.m.11 views

Design/Logic Flaw

ManageEngine EventLog Analyzer version 7 through 9.9 build 9002 has a Credentials Disclosure Vulnerability. Fixed version 10 Build 10000...

5CVSS6.9AI score0.68779EPSS
Exploits9References4Affected Software1
CVE
CVE
added 2020/01/13 12:47 p.m.82 views

CVE-2014-6039

CVE-2014-6039 affects ManageEngine EventLog Analyzer (v7–v9.9 build 9002). A information-disclosure path via the hostdetails servlet exposes usernames and passwords for managed Windows/AS/400 hosts; exploitation relies on prior CVE-2014-6038 flow to obtain host identifiers and then extract creden...

7.5CVSS7.3AI score0.68779EPSS
Exploits9References4Affected Software1
Cvelist
Cvelist
added 2020/01/13 12:47 p.m.16 views

CVE-2014-6039

ManageEngine EventLog Analyzer version 7 through 9.9 build 9002 has a Credentials Disclosure Vulnerability. Fixed version 10 Build 10000...

7.5AI score0.68779EPSS
Exploits9References4
Cvelist
Cvelist
added 2020/01/13 12:42 p.m.25 views

CVE-2014-6038

Zoho ManageEngine EventLog Analyzer versions 7 through 9.9 build 9002 have a database Information Disclosure Vulnerability. Fixed in EventLog Analyzer 10.0 Build 10000...

7.3AI score0.72757EPSS
Exploits9References4
CVE
CVE
added 2020/01/13 12:42 p.m.92 views

CVE-2014-6038

CVE-2014-6038 affects Zoho/ManageEngine EventLog Analyzer (v7–v9.9 build 9002). The cited issue is an information disclosure in the agentHandler servlet, enabling an unauthenticated remote attacker to obtain usernames, passwords or hashes from the managed hosts’ data. Some connected sources also ...

7.5CVSS7.1AI score0.72757EPSS
Exploits9References4Affected Software1
Positive Technologies
Positive Technologies
added 2020/01/13 12:0 a.m.4 views

PT-2020-7720 · Zoho Manageengine · Eventlog Analyzer

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine EventLog Analyzer versions 7 through 9.9 build 9002 Description: The issue is related to a database Information Disclosure. It has been fixed in a newer version. Recommendations: For versions 7 through 9.9 build 9002, update...

7.5CVSS7.2AI score0.72757EPSS
Exploits9References7
CNVD
CNVD
added 2019/12/16 12:0 a.m.5 views

ZOHO ManageEngine EventLog Analyzer Access Control Error Vulnerability

ZOHO ManageEngine EventLog Analyzer is the United States ZhuoHao ZOHO company's set of system, event log analysis software. The software is capable of network-wide hosts, servers, network equipment and a variety of application service systems and other logs generated by the comprehensive collecti...

8.8CVSS6.8AI score0.12517EPSS
Exploits5References1
OSV
OSV
added 2019/12/13 6:15 p.m.5 views

CVE-2019-19774

An issue was discovered in Zoho ManageEngine EventLog Analyzer 10.0 SP1 before Build 12110. By running "select hostdetails from hostdetails" at the /event/runquery.do endpoint, it is possible to bypass the security restrictions that prevent even administrative users from viewing credential data...

8.8CVSS7.3AI score0.12517EPSS
Exploits5References3
Rows per page
Query Builder