{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Zoho ManageEngine Exchange Reporter Plus before build number 5510, AD360 before build number 4228, ADSelfService Plus before build number 5817, DataSecurity Plus before build number 6033, RecoverManager Plus before build number 6017, EventLog Analyzer before build number 12136, ADAudit Plus before build number 6052, O365 Manager Plus before build number 4334, Cloud Security Plus before build number 4110, ADManager Plus before build number 7055, and Log360 before build number 5166. The remotely accessible Java servlet com.manageengine.ads.fw.servlet.UpdateProductDetails is prone to an authentication bypass. System integration properties can be modified and lead to full ManageEngine suite compromise."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-08-31T14:02:05", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.manageengine.com/data-security/release-notes.html"}, {"tags": ["x_refsource_MISC"], "url": "https://pitstop.manageengine.com/portal/en/kb/articles/manageengine-log360-security-advisory-regarding-unauthenticated-product-integration-vulnerability"}, {"tags": ["x_refsource_MISC"], "url": "https://medium.com/%40frycos/another-zoho-manageengine-story-7b472f1515f5"}, {"tags": ["x_refsource_MISC"], "url": "https://pitstop.manageengine.com/portal/en/community/topic/admanager-plus-fixes-and-enhancements"}, {"tags": ["x_refsource_MISC"], "url": "https://pitstop.manageengine.com/portal/en/kb/articles/manageengine-cloud-security-plus-security-advisory-regarding-unauthenticated-product-integration-vulnerability"}, {"tags": ["x_refsource_MISC"], "url": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-identify-and-mitigate-the-unauthenticated-product-integration-vulnerability"}, {"tags": ["x_refsource_MISC"], "url": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-identify-and-mitigate-the-unauthenticated-product-integration-vulnerability-18-5-2020"}, {"tags": ["x_refsource_MISC"], "url": "https://www.manageengine.com/products/eventlog/features-new.html"}, {"tags": ["x_refsource_MISC"], "url": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-identify-and-mitigate-the-unauthenticated-product-integration-vulnerability-15-5-2020-1"}, {"tags": ["x_refsource_MISC"], "url": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-fix-the-unauthenticated-product-integration-vulnerability-18-5-2020"}, {"tags": ["x_refsource_MISC"], "url": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-fix-the-unauthenticated-product-integration-vulnerability"}, {"tags": ["x_refsource_MISC"], "url": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-fix-the-unauthenticated-product-integration-vulnerability-17-5-2020"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-24786", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in Zoho ManageEngine Exchange Reporter Plus before build number 5510, AD360 before build number 4228, ADSelfService Plus before build number 5817, DataSecurity Plus before build number 6033, RecoverManager Plus before build number 6017, EventLog Analyzer before build number 12136, ADAudit Plus before build number 6052, O365 Manager Plus before build number 4334, Cloud Security Plus before build number 4110, ADManager Plus before build number 7055, and Log360 before build number 5166. The remotely accessible Java servlet com.manageengine.ads.fw.servlet.UpdateProductDetails is prone to an authentication bypass. System integration properties can be modified and lead to full ManageEngine suite compromise."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.manageengine.com/data-security/release-notes.html", "refsource": "MISC", "url": "https://www.manageengine.com/data-security/release-notes.html"}, {"name": "https://pitstop.manageengine.com/portal/en/kb/articles/manageengine-log360-security-advisory-regarding-unauthenticated-product-integration-vulnerability", "refsource": "MISC", "url": "https://pitstop.manageengine.com/portal/en/kb/articles/manageengine-log360-security-advisory-regarding-unauthenticated-product-integration-vulnerability"}, {"name": "https://medium.com/@frycos/another-zoho-manageengine-story-7b472f1515f5", "refsource": "MISC", "url": "https://medium.com/@frycos/another-zoho-manageengine-story-7b472f1515f5"}, {"name": "https://pitstop.manageengine.com/portal/en/community/topic/admanager-plus-fixes-and-enhancements", "refsource": "MISC", "url": "https://pitstop.manageengine.com/portal/en/community/topic/admanager-plus-fixes-and-enhancements"}, {"name": "https://pitstop.manageengine.com/portal/en/kb/articles/manageengine-cloud-security-plus-security-advisory-regarding-unauthenticated-product-integration-vulnerability", "refsource": "MISC", "url": "https://pitstop.manageengine.com/portal/en/kb/articles/manageengine-cloud-security-plus-security-advisory-regarding-unauthenticated-product-integration-vulnerability"}, {"name": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-identify-and-mitigate-the-unauthenticated-product-integration-vulnerability", "refsource": "MISC", "url": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-identify-and-mitigate-the-unauthenticated-product-integration-vulnerability"}, {"name": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-identify-and-mitigate-the-unauthenticated-product-integration-vulnerability-18-5-2020", "refsource": "MISC", "url": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-identify-and-mitigate-the-unauthenticated-product-integration-vulnerability-18-5-2020"}, {"name": "https://www.manageengine.com/products/eventlog/features-new.html", "refsource": "MISC", "url": "https://www.manageengine.com/products/eventlog/features-new.html"}, {"name": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-identify-and-mitigate-the-unauthenticated-product-integration-vulnerability-15-5-2020-1", "refsource": "MISC", "url": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-identify-and-mitigate-the-unauthenticated-product-integration-vulnerability-15-5-2020-1"}, {"name": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-fix-the-unauthenticated-product-integration-vulnerability-18-5-2020", "refsource": "MISC", "url": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-fix-the-unauthenticated-product-integration-vulnerability-18-5-2020"}, {"name": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-fix-the-unauthenticated-product-integration-vulnerability", "refsource": "MISC", "url": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-fix-the-unauthenticated-product-integration-vulnerability"}, {"name": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-fix-the-unauthenticated-product-integration-vulnerability-17-5-2020", "refsource": "MISC", "url": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-fix-the-unauthenticated-product-integration-vulnerability-17-5-2020"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-24786", "datePublished": "2020-08-31T14:02:05", "dateReserved": "2020-08-28T00:00:00", "dateUpdated": "2020-08-31T14:02:05", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:*:*:*:*:*:*:*:*", "matchCriteriaId": "7380E0EF-684C-487E-B343-672248D8642E", "versionEndIncluding": "5.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:-:*:*:*:*:*:*", "matchCriteriaId": "09718DA2-31D3-4CC3-B95D-6A8BE6233700", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5800:*:*:*:*:*:*", "matchCriteriaId": "A217F6ED-BC7F-46B7-9D43-D75A3D416322", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5801:*:*:*:*:*:*", "matchCriteriaId": "562397B8-DF54-4585-81B4-3F89816CC8BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5802:*:*:*:*:*:*", "matchCriteriaId": "319E6B84-4D6C-45D2-BF5A-8461202C4463", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5803:*:*:*:*:*:*", "matchCriteriaId": "73DD6611-26EA-44A9-8FAC-0C4A91CAAB1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5804:*:*:*:*:*:*", "matchCriteriaId": "B964F5EA-427D-46D5-AE73-3BEBFE42A4B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5805:*:*:*:*:*:*", "matchCriteriaId": "94E70435-5332-48F3-9602-FCA1EFB617BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5806:*:*:*:*:*:*", "matchCriteriaId": "AC040DA3-91BB-41CD-ADE3-D2AA0537516D", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5807:*:*:*:*:*:*", "matchCriteriaId": "8E71EE09-F2D6-4981-A962-14DAC49A9A45", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5808:*:*:*:*:*:*", "matchCriteriaId": "4709685D-CCF0-4444-99B8-4DC6E3D53A62", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5809:*:*:*:*:*:*", "matchCriteriaId": "13599F95-25B2-4C21-8174-DA966A49249B", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5810:*:*:*:*:*:*", "matchCriteriaId": "D2CB6693-492A-4607-9D9C-15C746E12864", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5811:*:*:*:*:*:*", "matchCriteriaId": "35238419-A73A-4333-9F3D-481FAA1D167C", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5812:*:*:*:*:*:*", "matchCriteriaId": "BD7FEAF1-A4A5-480C-8BA4-0217E6CE63C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5813:*:*:*:*:*:*", "matchCriteriaId": "4E0B4F11-A1E8-4D21-9707-8639A3040840", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5814:*:*:*:*:*:*", "matchCriteriaId": "AAFE9B07-00B7-4211-ADD8-198B7BD4B93D", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5815:*:*:*:*:*:*", "matchCriteriaId": "7F229F49-EA44-4D0A-855B-FC586CE8CFA0", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5816:*:*:*:*:*:*", "matchCriteriaId": "07AED2F0-F527-4B4A-82FC-F571899F3738", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:*:*:*:*:*:*:*:*", "matchCriteriaId": "3DB7B1B9-633E-4866-B236-94888342ACD1", "versionEndIncluding": "5.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.5:5500:*:*:*:*:*:*", "matchCriteriaId": "1A55E1C9-DCFE-49E7-A9A3-E3A5ECBEE4C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.5:5501:*:*:*:*:*:*", "matchCriteriaId": "E8C30A5E-33C7-4EB3-9FB4-D5AECD9A5C08", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.5:5502:*:*:*:*:*:*", "matchCriteriaId": "B7085438-77E4-4B12-A885-F2294CF9B318", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.5:5503:*:*:*:*:*:*", "matchCriteriaId": "7821DCD0-30DB-4520-B174-0E51CB07E12A", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.5:5504:*:*:*:*:*:*", "matchCriteriaId": "4666EEFD-5F91-4F1D-BB15-736A984ABA27", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:*:*:*:*:*:*:*:*", "matchCriteriaId": "CCCD7A9D-B1BC-4CE8-9E5D-8795674BB1AA", "versionEndIncluding": "4.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4200:*:*:*:*:*:*", "matchCriteriaId": "14116D8A-9798-4EF2-9652-286D4CBDAADF", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4201:*:*:*:*:*:*", "matchCriteriaId": "DAC56F69-9894-4236-9E4E-412403204E79", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4202:*:*:*:*:*:*", "matchCriteriaId": "6B180386-1930-4EC2-9AF8-21F375E74BCE", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4203:*:*:*:*:*:*", "matchCriteriaId": "91787EC1-3053-4784-B985-FC09F368CB2A", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4204:*:*:*:*:*:*", "matchCriteriaId": "B270FDB7-A2E2-4D77-9E68-17E57ED41B19", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4205:*:*:*:*:*:*", "matchCriteriaId": "06621A53-3A32-4691-A02A-417A9DBCB9DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4206:*:*:*:*:*:*", "matchCriteriaId": "E32D414E-ADEB-4FE3-8114-815A744DBF76", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4207:*:*:*:*:*:*", "matchCriteriaId": "E2A124B0-CAC1-4D17-98FF-DF479F404283", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4208:*:*:*:*:*:*", "matchCriteriaId": "BED5824C-9A62-4A9E-A440-3368D709674B", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4209:*:*:*:*:*:*", "matchCriteriaId": "F36F3D07-F9E3-4CF1-8BD3-73F58B18D35C", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4210:*:*:*:*:*:*", "matchCriteriaId": "357AB232-A834-4899-950D-53E0690726A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4212:*:*:*:*:*:*", "matchCriteriaId": "680C0265-E4DF-4275-8B0C-EBD9E7B5B798", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4213:*:*:*:*:*:*", "matchCriteriaId": "27CA1268-5D13-445A-985B-AE8F5494F61C", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4214:*:*:*:*:*:*", "matchCriteriaId": "2112361C-8F57-40E6-B665-FA8D585FA933", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4215:*:*:*:*:*:*", "matchCriteriaId": "A4E777D1-9414-439C-9309-7C89192905A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4216:*:*:*:*:*:*", "matchCriteriaId": "FDCD0C9A-0287-4BAA-97C1-CCA96212A8A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4217:*:*:*:*:*:*", "matchCriteriaId": "27D917BB-D64D-4E16-B5E2-485EE127A310", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4219:*:*:*:*:*:*", "matchCriteriaId": "CD0D83CD-3F8B-41A5-8110-2207FC202529", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4220:*:*:*:*:*:*", "matchCriteriaId": "E7569882-9E12-4ED8-9F54-AC1F0C9EC50B", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4222:*:*:*:*:*:*", "matchCriteriaId": "F15A754D-A668-42C8-9E37-7A3364BE129B", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4223:*:*:*:*:*:*", "matchCriteriaId": "086FDB61-78D3-4540-B2AC-42DF1D41ABA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4224:*:*:*:*:*:*", "matchCriteriaId": "6F9285FB-23E4-438E-8081-D0589A8727C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4225:*:*:*:*:*:*", "matchCriteriaId": "A4E0D81C-36B3-4638-BB0E-18023D13DA97", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4227:*:*:*:*:*:*", "matchCriteriaId": "5B1F3742-3B1A-43DC-8CD7-547A4EB436E7", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:*:*:*:*:*:*:*:*", "matchCriteriaId": "D3ADF4BC-41C3-483D-A24F-52F5D8D90E02", "versionEndIncluding": "5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6000:*:*:*:*:*:*", "matchCriteriaId": "D88BAE7C-AE20-4B66-8380-93CFF7E716F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6001:*:*:*:*:*:*", "matchCriteriaId": "A2EA6313-C2FC-45B5-92E6-4239B4E41E11", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6002:*:*:*:*:*:*", "matchCriteriaId": "B6BAA7AF-E61E-40FB-ADA5-CDC51508A848", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6003:*:*:*:*:*:*", "matchCriteriaId": "9F96ED00-5DBE-4909-90DF-F4CDB4946ED9", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6010:*:*:*:*:*:*", "matchCriteriaId": "4CCFDC58-067A-420F-924B-9BFC342411D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6011:*:*:*:*:*:*", "matchCriteriaId": "3C532BCE-429E-403D-9D44-9E3B8FD35C91", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6012:*:*:*:*:*:*", "matchCriteriaId": "7286F2C9-FB52-4524-8293-81B36E9E8534", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6013:*:*:*:*:*:*", "matchCriteriaId": "E70A8EC5-1046-42E8-99DC-D564B66BA987", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6020:*:*:*:*:*:*", "matchCriteriaId": "A6BF11B6-4616-49DC-B7D0-0165691D7ABA", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6021:*:*:*:*:*:*", "matchCriteriaId": "32FCBB8F-35F2-4A3C-8F04-39AEAAB76BCE", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6030:*:*:*:*:*:*", "matchCriteriaId": "75F07512-4B8D-492C-A59A-E2E75713241B", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6031:*:*:*:*:*:*", "matchCriteriaId": "1750C0CC-B017-44DF-95F2-628125E416FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6032:*:*:*:*:*:*", "matchCriteriaId": "B0D5FC87-6BD7-4056-8879-7BAF28BB69C1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zohocorp:manageengine_recovermanager_plus:*:*:*:*:*:*:*:*", "matchCriteriaId": "DB19FFF0-464F-4BAA-BD8F-5A8296EAC724", "versionEndIncluding": "5.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_recovermanager_plus:6.0:6001:*:*:*:*:*:*", "matchCriteriaId": "58739BDC-8741-4904-96C4-5E075FF87676", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_recovermanager_plus:6.0:6003:*:*:*:*:*:*", "matchCriteriaId": "69C40DE9-1849-437B-8C48-BB5ACD104CDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_recovermanager_plus:6.0:6005:*:*:*:*:*:*", "matchCriteriaId": "5792AAA4-6E32-48F6-BAF9-91AE9CE468D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_recovermanager_plus:6.0:6011:*:*:*:*:*:*", "matchCriteriaId": "BB623771-BA56-4684-85E1-941A5EF0624A", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_recovermanager_plus:6.0:6016:*:*:*:*:*:*", "matchCriteriaId": "9CCF0FA4-0326-405B-94F2-513E0FAA6FB6", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zohocorp:manageengine_eventlog_analyzer:*:*:*:*:*:*:*:*", "matchCriteriaId": "789DE939-8305-4684-B19C-29F5A26E25A6", "versionEndIncluding": "12.1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_eventlog_analyzer:12.1.3:12130:*:*:*:*:*:*", "matchCriteriaId": "04E5575C-A204-4A46-ACDB-7A2837B2A5ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_eventlog_analyzer:12.1.3:12135:*:*:*:*:*:*", "matchCriteriaId": "22C76170-BE8E-40D7-9AA0-349EBB9DC718", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:*:*:*:*:*:*:*:*", "matchCriteriaId": "350B9823-6421-4817-A9BA-B138918ADEDB", "versionEndIncluding": "5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0:6000:*:*:*:*:*:*", "matchCriteriaId": "053FB8DD-94D7-438A-8802-8ECF8B79FCA0", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0:6001:*:*:*:*:*:*", "matchCriteriaId": "616D32A3-B19A-4C05-BF43-4AEB7573BF82", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0:6002:*:*:*:*:*:*", "matchCriteriaId": "28FF33D3-81DE-4849-8EA9-4C396D775892", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0:6003:*:*:*:*:*:*", "matchCriteriaId": "A6BE7AA0-F201-4F29-BE11-983CAE5BE103", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0:6010:*:*:*:*:*:*", "matchCriteriaId": "64339FF6-3563-41B2-8B61-A9DF076069C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0:6030:*:*:*:*:*:*", "matchCriteriaId": "AD025538-8C73-4648-9C77-25E49FF77A7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0:6031:*:*:*:*:*:*", "matchCriteriaId": "FB3C81C0-1234-4CAA-8FB1-833FB2EF4872", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0:6032:*:*:*:*:*:*", "matchCriteriaId": "A5E6D12F-C642-4001-A838-65DDA3F94D04", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0:6033:*:*:*:*:*:*", "matchCriteriaId": "32435B99-81DD-4AEC-ABBF-DEAFAB00CC87", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0:6050:*:*:*:*:*:*", "matchCriteriaId": "37CDC611-B94C-483C-9C4C-5BCFA6CAB7E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0:6052:*:*:*:*:*:*", "matchCriteriaId": "A75E3D4D-5596-4E93-8541-F183AF105231", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:*:*:*:*:*:*:*:*", "matchCriteriaId": "45EEAE93-0898-4FD8-9A31-FE2D5AAD3E79", "versionEndIncluding": "4.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4300:*:*:*:*:*:*", "matchCriteriaId": "1312ABF3-93FA-46E7-BF3C-61B1A0E7BA2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4301:*:*:*:*:*:*", "matchCriteriaId": "6912B88D-23D4-4E1E-98B8-60A60314A516", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4302:*:*:*:*:*:*", "matchCriteriaId": "7392FEE2-8102-4125-8927-4356732ED167", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4303:*:*:*:*:*:*", "matchCriteriaId": "0A9867BA-BAD0-482E-AC6B-CFDC9BF19AFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4304:*:*:*:*:*:*", "matchCriteriaId": "B20578E3-8995-4062-9FBF-85B76945B6EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4305:*:*:*:*:*:*", "matchCriteriaId": "96471B59-E195-4FF4-A36C-C4248F970817", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4306:*:*:*:*:*:*", "matchCriteriaId": "DAD74918-D60A-427A-B46B-979F3D0870A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4308:*:*:*:*:*:*", "matchCriteriaId": "91731443-F449-457A-B8BD-017726596714", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4309:*:*:*:*:*:*", "matchCriteriaId": "C923DAAE-1C60-4A50-800D-422098A143FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4310:*:*:*:*:*:*", "matchCriteriaId": "F820E8A0-981A-4C68-AFBF-D263B627F4FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4311:*:*:*:*:*:*", "matchCriteriaId": "84F1A956-19D1-47D3-AEF4-0117A25A1DEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4312:*:*:*:*:*:*", "matchCriteriaId": "2AE25043-4F64-4B5E-8B9F-B0793FE4834F", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4316:*:*:*:*:*:*", "matchCriteriaId": "2D5849AA-9DD2-4836-9F78-0CFB917A8398", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4317:*:*:*:*:*:*", "matchCriteriaId": "777FFDDC-EA8A-45C5-963A-8982C7FA9D36", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4318:*:*:*:*:*:*", "matchCriteriaId": "61658169-04C4-45A5-B6F9-31EABDFC7026", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4319:*:*:*:*:*:*", "matchCriteriaId": "0439F4CA-5831-444F-9403-91B08D55CE37", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4320:*:*:*:*:*:*", "matchCriteriaId": "CCE01DB3-1C25-4A0A-86A2-48052A01F21C", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4321:*:*:*:*:*:*", "matchCriteriaId": "20CF3B2A-E1DA-472C-9E5B-7729F5A9B72F", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4322:*:*:*:*:*:*", "matchCriteriaId": "EF5CADAA-EE4B-45FE-8B31-910EB2F9A457", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4324:*:*:*:*:*:*", "matchCriteriaId": "317936F9-5856-4C05-96B0-06B286002C7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4325:*:*:*:*:*:*", "matchCriteriaId": "7A6A9E35-0AE0-41EC-95BD-6DA045B670C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4327:*:*:*:*:*:*", "matchCriteriaId": "02E7A3A5-B101-450A-B048-580535ACD150", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4328:*:*:*:*:*:*", "matchCriteriaId": "A7804A96-2937-46EE-BCCE-7C19D3A0BF87", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4329:*:*:*:*:*:*", "matchCriteriaId": "92CF2307-5CE0-44C6-BBAB-9974879426D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4330:*:*:*:*:*:*", "matchCriteriaId": "A8D1D36D-990A-426E-9DA6-8506DA235FD4", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4331:*:*:*:*:*:*", "matchCriteriaId": "9210E989-CEBE-430A-ABF1-30DFC3B81CFC", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4332:*:*:*:*:*:*", "matchCriteriaId": "AD45843D-AB8F-4CFF-8EDA-3A1AEB9C3CE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4333:*:*:*:*:*:*", "matchCriteriaId": "81549C4B-1B64-4E4F-91D2-25EA86BB2859", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.3:4334:*:*:*:*:*:*", "matchCriteriaId": "56201D6A-2330-41D0-B38D-9D4A21D6CF20", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:*:*:*:*:*:*:*:*", "matchCriteriaId": "6D116EAD-FC10-4B20-88C1-356C9EE0F8D7", "versionEndIncluding": "4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4100:*:*:*:*:*:*", "matchCriteriaId": "BFD452AD-7053-4C13-97DA-326C3DC6E26C", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4101:*:*:*:*:*:*", "matchCriteriaId": "0B87956F-9C45-4A65-BEB2-77A247BD7A39", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4102:*:*:*:*:*:*", "matchCriteriaId": "17BE6347-1605-47DB-8CFE-B587E3AB4223", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4103:*:*:*:*:*:*", "matchCriteriaId": "C47F9F56-B1DE-426B-B5CF-A1BB5973D6E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4104:*:*:*:*:*:*", "matchCriteriaId": "E6A7C5C6-0137-4279-A7EA-3439BE477A3C", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4105:*:*:*:*:*:*", "matchCriteriaId": "C921F1B2-69B4-448F-AC7C-2F4474507FAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4106:*:*:*:*:*:*", "matchCriteriaId": "91DB9017-1BCF-48DB-97AE-4214150BAE77", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4107:*:*:*:*:*:*", "matchCriteriaId": "D066B999-8554-49F0-92C3-1A4DDEA6E32D", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4108:*:*:*:*:*:*", "matchCriteriaId": "635F80E1-4A73-48DC-A128-D61716D70839", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4109:*:*:*:*:*:*", "matchCriteriaId": "E74FE1C4-471A-4040-96A4-0BE46745199B", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF66EAF9-40F8-4C96-B521-58EFEFFEA2C6", "versionEndIncluding": "6.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7000:*:*:*:*:*:*", "matchCriteriaId": "4DE6724F-80AA-4B3E-8CF1-1158F6C98AEA", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7010:*:*:*:*:*:*", "matchCriteriaId": "A4D9B6E0-47A7-48D1-AF6A-A8512475ABD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7011:*:*:*:*:*:*", "matchCriteriaId": "FFD7E625-FAA2-4452-9E18-5E4A61A93FDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7020:*:*:*:*:*:*", "matchCriteriaId": "8504DAE3-6CD9-4640-9EB1-CB304DB79BE9", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7030:*:*:*:*:*:*", "matchCriteriaId": "F42110FC-D21E-439E-BB8C-45C03F639CCC", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7040:*:*:*:*:*:*", "matchCriteriaId": "612E5D11-83D1-4E80-B7A4-57F61690DFCB", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7041:*:*:*:*:*:*", "matchCriteriaId": "C89C31C7-3196-47CD-9A9D-0761CEEB04E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7050:*:*:*:*:*:*", "matchCriteriaId": "821C24DA-1C22-43ED-AD67-E947D323A3A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7051:*:*:*:*:*:*", "matchCriteriaId": "FAFEF7B6-4B56-42C8-958B-E0B677F5D150", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7052:*:*:*:*:*:*", "matchCriteriaId": "43CEBA06-F115-41E9-8B3E-C004528340A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7053:*:*:*:*:*:*", "matchCriteriaId": "E398D48C-AD94-4E84-9E3A-28A8586B3112", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7054:*:*:*:*:*:*", "matchCriteriaId": "3D042A11-638F-4485-A753-ACF2BE92D900", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zohocorp:manageengine_log360:*:*:*:*:*:*:*:*", "matchCriteriaId": "26B0E2FA-186D-48D7-89AE-461224CA7242", "versionEndIncluding": "5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_log360:5.1:5100:*:*:*:*:*:*", "matchCriteriaId": "4F222A9E-12E7-45E6-BF7D-61D60FCF1787", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_log360:5.1:5102:*:*:*:*:*:*", "matchCriteriaId": "E5EBBD07-EB06-407C-8BFE-139A7F37D129", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_log360:5.1:5107:*:*:*:*:*:*", "matchCriteriaId": "4408F07A-E77E-4F74-B951-E90D0AD0FC52", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_log360:5.1:5108:*:*:*:*:*:*", "matchCriteriaId": "44454167-93A9-4109-A137-0DBF56B870E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_log360:5.1:5110:*:*:*:*:*:*", "matchCriteriaId": "9F95F165-5E41-4F44-A049-1B67F045A3FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_log360:5.1:5111:*:*:*:*:*:*", "matchCriteriaId": "EF50B0BD-244E-4445-A119-7165829BEA1D", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_log360:5.1:5120:*:*:*:*:*:*", "matchCriteriaId": "0A509BA6-9E79-4250-B412-2CCE2EF20031", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_log360:5.1:5150:*:*:*:*:*:*", "matchCriteriaId": "CA676B42-6E42-4A5C-986E-C06A4F97500A", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_log360:5.1:5154:*:*:*:*:*:*", "matchCriteriaId": "CA8D9B25-9BB1-427A-8C07-FB40638218E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_log360:5.1:5155:*:*:*:*:*:*", "matchCriteriaId": "B1660FC6-4E59-4F1B-ABAB-51E7CD31B3C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_log360:5.1:5160:*:*:*:*:*:*", "matchCriteriaId": "994FB926-30C1-4399-BE7E-1989375382FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_log360:5.1:5164:*:*:*:*:*:*", "matchCriteriaId": "38C88C6C-A399-4B3F-A3DE-8410B68C9C2D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Zoho ManageEngine Exchange Reporter Plus before build number 5510, AD360 before build number 4228, ADSelfService Plus before build number 5817, DataSecurity Plus before build number 6033, RecoverManager Plus before build number 6017, EventLog Analyzer before build number 12136, ADAudit Plus before build number 6052, O365 Manager Plus before build number 4334, Cloud Security Plus before build number 4110, ADManager Plus before build number 7055, and Log360 before build number 5166. The remotely accessible Java servlet com.manageengine.ads.fw.servlet.UpdateProductDetails is prone to an authentication bypass. System integration properties can be modified and lead to full ManageEngine suite compromise."}, {"lang": "es", "value": "Se detect\u00f3 un problema en Zoho ManageEngine Exchange Reporter Plus antes del n\u00famero de compilaci\u00f3n 5510, AD360 antes del n\u00famero de compilaci\u00f3n 4228, ADSelfService Plus antes del n\u00famero de compilaci\u00f3n 5817, DataSecurity Plus antes del n\u00famero de compilaci\u00f3n 6033, RecoverManager Plus antes del n\u00famero de compilaci\u00f3n 6017, EventLog Analyzer antes del n\u00famero de compilaci\u00f3n 12136, ADAudit Adem\u00e1s, antes del n\u00famero de compilaci\u00f3n 6052, O365 Manager Plus antes del n\u00famero de compilaci\u00f3n 4334, Cloud Security Plus antes del n\u00famero de compilaci\u00f3n 4110, ADManager Plus antes del n\u00famero de compilaci\u00f3n 7055 y Log360 antes del n\u00famero de compilaci\u00f3n 5166. El servlet de Java com.manageengine.ads.fw.servlet.UpdateProductDetails accesible remotamente es propenso a una omisi\u00f3n de autenticaci\u00f3n. Las propiedades de integraci\u00f3n del sistema pueden ser modificadas y conllevar a un compromiso total de la suite de ManageEngine"}], "id": "CVE-2020-24786", "lastModified": "2023-11-07T03:20:10.280", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-08-31T15:15:10.870", "references": [{"source": "cve@mitre.org", "url": "https://medium.com/%40frycos/another-zoho-manageengine-story-7b472f1515f5"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://pitstop.manageengine.com/portal/en/community/topic/admanager-plus-fixes-and-enhancements"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-fix-the-unauthenticated-product-integration-vulnerability"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-fix-the-unauthenticated-product-integration-vulnerability-17-5-2020"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-fix-the-unauthenticated-product-integration-vulnerability-18-5-2020"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-identify-and-mitigate-the-unauthenticated-product-integration-vulnerability"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-identify-and-mitigate-the-unauthenticated-product-integration-vulnerability-15-5-2020-1"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://pitstop.manageengine.com/portal/en/community/topic/how-to-identify-and-mitigate-the-unauthenticated-product-integration-vulnerability-18-5-2020"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://pitstop.manageengine.com/portal/en/kb/articles/manageengine-cloud-security-plus-security-advisory-regarding-unauthenticated-product-integration-vulnerability"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://pitstop.manageengine.com/portal/en/kb/articles/manageengine-log360-security-advisory-regarding-unauthenticated-product-integration-vulnerability"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.manageengine.com/data-security/release-notes.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.manageengine.com/products/eventlog/features-new.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}