Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-11678

Опубликовано: 02 мая 2019
Источник: nvd
CVSS3: 9.8
CVSS2: 7.5
EPSS Средний

Описание

The "default reports" feature in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123218 is vulnerable to SQL Injection.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:7.2:7020:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:7.2:7021:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:7.4:7400:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:7.6:7600:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:8.0:8000:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:8.1:8110:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:8.3:8300:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:8.5:8500:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.0:12000:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.2:12200:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:12300:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123008:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123027:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123045:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123057:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123064:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123070:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123083:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123092:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123126:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123129:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123137:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123151:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123156:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123164:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123169:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123177:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123182:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123185:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123186:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123194:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123197:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3:123208:*:*:*:*:*:*

EPSS

Процентиль: 94%
0.12833
Средний

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

github логотип

GHSA-gj8q-gfr7-53v7

CVSS3: 9.8
github
больше 3 лет назад

The "default reports" feature in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123218 is vulnerable to SQL Injection.

EPSS

Процентиль: 94%
0.12833
Средний

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-89