Описание
Zoho ManageEngine Applications Manager before 14600 allows a remote unauthenticated attacker to disclose license related information via WieldFeedServlet servlet.
Ссылки
- ExploitThird Party Advisory
- Vendor Advisory
- ExploitThird Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 14.5 (исключая)
Одно из
cpe:2.3:a:zohocorp:manageengine_applications_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.5:-:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.5:build14500:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.5:build14510:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.5:build14520:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.5:build14530:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.5:build14540:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.5:build14560:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.5:build14570:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.5:build14580:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.5:build14590:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.06903
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-306
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
Zoho ManageEngine Applications Manager 14590 and before allows a remote unauthenticated attacker to disclose license related information via WieldFeedServlet servlet
EPSS
Процентиль: 91%
0.06903
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-306