Описание
A serialization vulnerability in Zoho ManageEngine Applications Manager before build 13740 allows for remote code execution on Windows via a payload on an SMB share.
Ссылки
- ExploitMitigationThird Party Advisory
- ExploitMitigationThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7:-:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7:build13700:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7:build13710:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7:build13720:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7:build13730:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7:build13750:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7:build13760:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7:build13770:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7:build13780:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7:build13790:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02361
Низкий
8.1 High
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-502
Связанные уязвимости
CVSS3: 8.1
github
больше 3 лет назад
A serialization vulnerability in Zoho ManageEngine Applications Manager before build 13740 allows for remote code execution on Windows via a payload on an SMB share.
EPSS
Процентиль: 85%
0.02361
Низкий
8.1 High
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-502