Zoho ManageEngine Eventlog Analyzer through 12147 is vulnerable to unauthenticated directory traversal via an entry in a ZIP archive. This leads to remote code execution.
References
Link | Resource |
---|---|
https://www.manageengine.com | Vendor Advisory |
https://www.manageengine.com/products/eventlog/features-new.html#release | Release Notes Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-04-30T12:16:42
Updated: 2021-04-30T12:16:42
Reserved: 2021-03-21T00:00:00
Link: CVE-2021-28959
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-04-30T13:15:07.470
Modified: 2021-05-11T13:12:49.600
Link: CVE-2021-28959
JSON object: View
Redhat Information
No data.
CWE