Vulnerabilites related to zohocorp - manageengine_netflow_analyzer
Vulnerability from fkie_nvd
Published
2015-06-09 00:59
Modified
2024-11-21 02:28
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in Zoho NetFlow Analyzer build 10250 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zohocorp | manageengine_netflow_analyzer | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0940949F-4EB4-460B-8CE9-56B6387250F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Zoho NetFlow Analyzer build 10250 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en Zoho NetFlow Analyzer build 10250 y anteriores permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-2960",
"lastModified": "2024-11-21T02:28:23.927",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-06-09T00:59:02.587",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN98447310/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000074"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.securityfocus.com/bid/75071"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.securitytracker.com/id/1032516"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN98447310/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000074"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032516"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-17 02:29
Modified
2024-11-21 04:50
Severity ?
Summary
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. An Absolute Path Traversal vulnerability in the Administration zone, in /netflow/servlet/CReportPDFServlet (via the parameter schFilePath), allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via any file name, such as a schFilePath=C:\boot.ini value.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zohocorp | manageengine_netflow_analyzer | 7.0.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:7.0.0.2:*:*:*:professional:*:*:*",
"matchCriteriaId": "E8A06D7A-579E-40E2-9E31-8127E90869FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. An Absolute Path Traversal vulnerability in the Administration zone, in /netflow/servlet/CReportPDFServlet (via the parameter schFilePath), allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via any file name, such as a schFilePath=C:\\boot.ini value."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. Una vulnerabilidad Absolute Path Traversal en la zona de Administraci\u00f3n, en / netflow / servlet / CReportPDFServlet (a trav\u00e9s del par\u00e1metro schFilePath), permite a los usuarios autenticados remotos eludir las restricciones de SecurityManager previstas y listar un directorio principal a trav\u00e9s de cualquier nombre de archivo, como schFilePath = C: Valor \\ boot.ini."
}
],
"id": "CVE-2019-8925",
"lastModified": "2024-11-21T04:50:40.283",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-17T02:29:00.553",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Not Applicable",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/46425/"
},
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Not Applicable",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/46425/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-09 00:59
Modified
2024-11-21 02:28
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability in Zoho NetFlow Analyzer build 10250 and earlier allows remote attackers to hijack the authentication of administrators.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zohocorp | manageengine_netflow_analyzer | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0940949F-4EB4-460B-8CE9-56B6387250F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in Zoho NetFlow Analyzer build 10250 and earlier allows remote attackers to hijack the authentication of administrators."
},
{
"lang": "es",
"value": "Vulnerabilidad de CSRF en Zoho NetFlow Analyzer build 10250 y anteriores permite a atacantes remotos secuestrar la autenticaci\u00f3n de administradores."
}
],
"id": "CVE-2015-2961",
"lastModified": "2024-11-21T02:28:24.037",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-06-09T00:59:03.617",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN79284156/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000076"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.securityfocus.com/bid/75067"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.securitytracker.com/id/1032516"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN79284156/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032516"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-12-04 17:59
Modified
2024-11-21 02:12
Severity ?
Summary
Directory traversal vulnerability in the DisplayChartPDF servlet in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allows remote attackers and remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_it360:10.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9176D056-7350-4371-8F7E-87C2521EEBF2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C395A435-A070-417E-BAE2-3F88202667AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DC97355-78DC-469D-8238-F61C5FEB1E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A4077669-FB97-4148-BDB6-9CF83B3AFDFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2B9AA3A3-2C5D-4F8C-9903-65FDDDED0CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B32A1323-2DEA-4D62-B1E2-F7747571F0D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CE066783-A6FB-4006-BC39-B2C1C186890E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9E193D39-7F8C-4E7F-95E6-732A4F836B54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:9.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B9321BD1-52EB-4DC0-8A3B-F56D8F24B4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:9.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9F5B063E-DC2D-4BDC-B119-6B53FDA7059C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:9.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "42700600-21C8-4AAC-938D-FA2C3C88B232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "701C5910-3DBE-4453-9766-07CD2847F21B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:10.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "F6EBF8A0-365F-4D23-8FB9-2CDDEA6F2C05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56D43BC4-F0E5-41D3-9D01-9B5ACC39459F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the DisplayChartPDF servlet in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allows remote attackers and remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en el servlet DisplayChartPDF en ZOHO ManageEngine Netflow Analyzer 8.6 hasta 10.2 y IT360 10.3 permite a atacantes remotos o usuarios remotos autenticados leer ficheros arbitrarios a trav\u00e9s de un .. (punto punto) en el par\u00e1metro filename."
}
],
"id": "CVE-2014-5446",
"lastModified": "2024-11-21T02:12:04.153",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-04T17:59:01.817",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/129336/ManageEngine-Netflow-Analyzer-IT360-File-Download.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/9"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/534122/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/534141/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/71404"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99046"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_netflow_it360_file_dl.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/cve-2014-5445-cve-2014-5446-fix-for-arbitrary-file-download"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/129336/ManageEngine-Netflow-Analyzer-IT360-File-Download.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/534122/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/534141/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/71404"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_netflow_it360_file_dl.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/cve-2014-5445-cve-2014-5446-fix-for-arbitrary-file-download"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-06-05 18:29
Modified
2024-11-21 04:22
Severity ?
Summary
A SQL injection vulnerability in /client/api/json/v2/nfareports/compareReport in Zoho ManageEngine NetFlow Analyzer 12.3 allows attackers to execute arbitrary SQL commands via the DeviceID parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zohocorp | manageengine_netflow_analyzer | 12.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5AEFC1D0-45B8-41CE-8B81-A7C44C9AB06F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A SQL injection vulnerability in /client/api/json/v2/nfareports/compareReport in Zoho ManageEngine NetFlow Analyzer 12.3 allows attackers to execute arbitrary SQL commands via the DeviceID parameter."
},
{
"lang": "es",
"value": "Una vulnerabilidad de inyecci\u00f3n SQL en la funci\u00f3n /client/api/json/v2/nfareports/compareReport en Zoho ManageEngine NetFlow Analyzer versi\u00f3n 12.3, permite a los atacantes ejecutar comandos SQL arbitrarios por medio del par\u00e1metro DeviceID."
}
],
"id": "CVE-2019-12196",
"lastModified": "2024-11-21T04:22:24.403",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-05T18:29:01.060",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/108672"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/netflow/readme.html#124029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/108672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/netflow/readme.html#124029"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-29 12:29
Modified
2024-11-21 03:46
Severity ?
Summary
Incorrect Access Control in FailOverHelperServlet in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows attackers to read certain files on the web server without login by sending a specially crafted request to the server with the operation=copyfile&fileName= substring.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:firewall_analyzer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFC3545-5EE0-4722-BFB6-58B3AF246F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0940949F-4EB4-460B-8CE9-56B6387250F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA1C4C73-FD72-4EE7-BE63-D83C373E6A3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91373406-389A-404C-81A1-BA994B0C06DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AE5990D-D4B9-4D55-B221-20A9BF765C0A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incorrect Access Control in FailOverHelperServlet in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows attackers to read certain files on the web server without login by sending a specially crafted request to the server with the operation=copyfile\u0026fileName= substring."
},
{
"lang": "es",
"value": "Control de acceso incorrecto en FailOverHelperServlet en Zoho ManageEngine Netflow Analyzer antes de la build123137, Network Configuration Manager antes de la build 123128, OpManager antes de la build 123148, OpUtils antes de la build 123161 y Firewall Analyzer antes de la build 123147 permite a los atacantes leer determinados archivos en el servidor web sin necesidad de iniciar sesi\u00f3n mediante el env\u00edo de una petici\u00f3n especialmente manipulada al servidor con la subcadena operation=copyfilefileName=."
}
],
"id": "CVE-2018-12997",
"lastModified": "2024-11-21T03:46:13.037",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-29T12:29:00.437",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2018/Jul/73"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201807-037"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/unh3x/just4cve/issues/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2018/Jul/73"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201807-037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/unh3x/just4cve/issues/8"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-21 16:01
Modified
2024-11-21 04:48
Severity ?
Summary
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the task parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html | Exploit, Patch, Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://seclists.org/fulldisclosure/2019/Feb/29 | Exploit, Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | https://www.manageengine.com/products/netflow/?doc | Product, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html | Exploit, Patch, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Feb/29 | Exploit, Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.manageengine.com/products/netflow/?doc | Product, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zohocorp | manageengine_netflow_analyzer | 7.0.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:7.0.0.2:*:*:*:professional:*:*:*",
"matchCriteriaId": "E8A06D7A-579E-40E2-9E31-8127E90869FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone \"/netflow/jspui/linkdownalertConfig.jsp\" file in the task parameter."
},
{
"lang": "es",
"value": "Existe Cross-Site Scripting (XSS) en Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 en la zona de Administrador en el archivo \"/netflow/jspui/linkdownalertConfig.jsp\" en el par\u00e1metro task."
}
],
"id": "CVE-2019-7425",
"lastModified": "2024-11-21T04:48:12.373",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-21T16:01:13.377",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
},
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-29 21:15
Modified
2024-11-21 07:17
Severity ?
Summary
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://manageengine.com | Vendor Advisory | |
| cve@mitre.org | https://www.manageengine.com/itom/advisory/cve-2022-38772.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://manageengine.com | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.manageengine.com/itom/advisory/cve-2022-38772.html | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "BEC805D2-CFDC-40DE-AA70-42A91461BEE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125451:*:*:*:*:*:*",
"matchCriteriaId": "4767BF5A-B867-44BB-B152-E2AFA63B06D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125452:*:*:*:*:*:*",
"matchCriteriaId": "5855C471-07AB-4A96-9631-26C6C8B01F67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125453:*:*:*:*:*:*",
"matchCriteriaId": "5075910F-3676-439A-879A-5CBE2C734347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125455:*:*:*:*:*:*",
"matchCriteriaId": "20808F91-7F08-4BA9-9075-C54337EC68E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125456:*:*:*:*:*:*",
"matchCriteriaId": "C700CE3B-31B5-4B4D-A378-70EC26D6F88B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125459:*:*:*:*:*:*",
"matchCriteriaId": "A05AFF4D-4EF9-4939-81CC-0AB55DA596F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125464:*:*:*:*:*:*",
"matchCriteriaId": "86C3E31F-87E2-459F-8D1B-C6D1A237960D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125467:*:*:*:*:*:*",
"matchCriteriaId": "A3E7FC26-0000-4D4B-B489-DF0E2CD2B13C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125469:*:*:*:*:*:*",
"matchCriteriaId": "13E6E0F9-9D03-4665-9C89-6BE62ADCB39C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125471:*:*:*:*:*:*",
"matchCriteriaId": "0DE52003-E959-420F-89A1-C86D8FB12DBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125476:*:*:*:*:*:*",
"matchCriteriaId": "6E9C9051-7FDE-4DEE-85DC-0798524DC17A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125482:*:*:*:*:*:*",
"matchCriteriaId": "5BE3598F-CEB4-4553-BB50-AA778BBF8BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125483:*:*:*:*:*:*",
"matchCriteriaId": "4C71852D-D529-469A-9111-6D4DB8381BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125484:*:*:*:*:*:*",
"matchCriteriaId": "EC3F7DA9-3FBF-4D67-8BA5-2643E706F64F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125485:*:*:*:*:*:*",
"matchCriteriaId": "53E2DF01-9A39-4E50-BEDE-D49988CE5CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125488:*:*:*:*:*:*",
"matchCriteriaId": "0015664D-11BC-4DEE-BC5B-DB3D1FE8DF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125490:*:*:*:*:*:*",
"matchCriteriaId": "8B49F887-4574-4B3C-A8A7-57F75B27447F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125557:*:*:*:*:*:*",
"matchCriteriaId": "C1E93E4D-0E54-41DF-843A-E8AE94EAD0BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125566:*:*:*:*:*:*",
"matchCriteriaId": "1617ADAD-2E13-4910-B600-3EC7E59B087C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125568:*:*:*:*:*:*",
"matchCriteriaId": "4E7B4955-F688-47DE-B1FF-D417EBDFF9C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125582:*:*:*:*:*:*",
"matchCriteriaId": "5F982932-5513-411A-9CBF-3082C7ECEF0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125584:*:*:*:*:*:*",
"matchCriteriaId": "0B5378E9-D011-4B12-8DEE-442F22789C08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125585:*:*:*:*:*:*",
"matchCriteriaId": "8232CBA1-55DA-4F3C-A9E5-A204A25231C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125606:*:*:*:*:*:*",
"matchCriteriaId": "253569A5-4A2E-4163-88DC-C0FE6B79E06E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125615:*:*:*:*:*:*",
"matchCriteriaId": "A30281F3-4DE2-4ED3-91A7-AE7A091C31E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125647:*:*:*:*:*:*",
"matchCriteriaId": "F76B196B-B5F8-4E84-9BBE-9D45A2FB2A26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125656:*:*:*:*:*:*",
"matchCriteriaId": "F267C53D-6F27-4DFF-BB3C-7B299E07F487",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125657:*:*:*:*:*:*",
"matchCriteriaId": "954239B1-B0FD-43EA-AAF7-ECB55E395E9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "574117B3-2785-4971-ABBE-55C08010E16B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "8C4AA98C-BFFE-46E9-A3C3-D37298A8F6F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "B907FD6F-BA43-4D8D-90C4-F51CD693E9B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "B6CF111E-B976-46D1-A246-B7D1750FFC45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126101:*:*:*:*:*:*",
"matchCriteriaId": "36CBCAF8-B7FE-4611-A9DE-C82BCDE81A86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126102:*:*:*:*:*:*",
"matchCriteriaId": "33D8FC4D-0EF1-4C5B-A677-7269FFF068C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "6594EF08-E72F-4A59-86DB-B63E0CCE4463",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126114:*:*:*:*:*:*",
"matchCriteriaId": "219B0F9E-A087-4AA2-B723-E3D68BEC9D21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126115:*:*:*:*:*:*",
"matchCriteriaId": "852A63FF-F97B-4BB9-869F-383E9FABE929",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126116:*:*:*:*:*:*",
"matchCriteriaId": "FA6C4793-6913-4C51-A2D4-B906D2CBEA94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "3AF232D9-6735-4296-91C8-A451A1801287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126118:*:*:*:*:*:*",
"matchCriteriaId": "11ACA60F-055A-44F5-8FE2-7FA61AE6F3CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126119:*:*:*:*:*:*",
"matchCriteriaId": "9EC35E5A-0C46-458C-AF33-5B699B8F5EBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "855EA944-CB73-4193-94E0-9D706FF554C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125451:*:*:*:*:*:*",
"matchCriteriaId": "002FDBC8-72DE-46C6-A84B-B4A51F3228F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125452:*:*:*:*:*:*",
"matchCriteriaId": "AABA0E18-790D-4A86-91C4-1C50D2B6167C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125453:*:*:*:*:*:*",
"matchCriteriaId": "797C3F7A-E5CE-48B7-9BC1-4A637131C061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125455:*:*:*:*:*:*",
"matchCriteriaId": "7EE387F3-24C8-4933-A25E-D9C4026469D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125456:*:*:*:*:*:*",
"matchCriteriaId": "2D219374-C6A2-4A28-AF41-ABC633D8C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125459:*:*:*:*:*:*",
"matchCriteriaId": "0C67D5FC-5965-4AC1-80A5-931BE60B5E86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125465:*:*:*:*:*:*",
"matchCriteriaId": "139E25D9-A4C8-4041-ADF7-4618DFEEE8C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125469:*:*:*:*:*:*",
"matchCriteriaId": "6A65F3F7-45D3-49EB-9784-1F13FA2CBB0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125471:*:*:*:*:*:*",
"matchCriteriaId": "3795D2DE-622F-4C82-B133-0993A01AC1FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125475:*:*:*:*:*:*",
"matchCriteriaId": "C0DB9896-BC25-46E3-AA6F-496A442BE525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125482:*:*:*:*:*:*",
"matchCriteriaId": "CE56A949-74AC-4138-8AD3-31F5763860EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125483:*:*:*:*:*:*",
"matchCriteriaId": "4A3DB867-FD46-46EB-AEF0-2B6E79371AF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125485:*:*:*:*:*:*",
"matchCriteriaId": "7881FBB4-AC09-4EB9-B02F-3EA19237E095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125488:*:*:*:*:*:*",
"matchCriteriaId": "F391E432-98B8-4D97-8AD4-FB1A84FAF774",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125490:*:*:*:*:*:*",
"matchCriteriaId": "61D908B2-446E-48EC-9F6B-91E8BF0F6A38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125565:*:*:*:*:*:*",
"matchCriteriaId": "FD5F28B0-580E-4CD4-917A-496D35AD271A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125568:*:*:*:*:*:*",
"matchCriteriaId": "F0FC96AA-F2F4-4C35-8BF7-6318A2F624A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125583:*:*:*:*:*:*",
"matchCriteriaId": "6EA008F1-4E47-4753-8506-769B29AB5BA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125584:*:*:*:*:*:*",
"matchCriteriaId": "7ED68CDE-1096-4490-8E6B-78F4AC2BB729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125598:*:*:*:*:*:*",
"matchCriteriaId": "34F8D9B7-3BD7-44C0-A292-162928729F36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125612:*:*:*:*:*:*",
"matchCriteriaId": "7446678C-E2DB-4EA2-BC9B-430C8EC7804B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125615:*:*:*:*:*:*",
"matchCriteriaId": "33C57314-5503-48BD-9ED2-D76517C9C0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125617:*:*:*:*:*:*",
"matchCriteriaId": "AC201C68-2C1D-4E75-9443-C5F853A37AB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125646:*:*:*:*:*:*",
"matchCriteriaId": "FBC08E48-51FA-497F-B5EB-349081888402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125650:*:*:*:*:*:*",
"matchCriteriaId": "FD78483C-8AC8-46B3-A1FB-2DA04468BCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125656:*:*:*:*:*:*",
"matchCriteriaId": "D1DBA938-81D2-4CF8-B1F2-B71C4B82835D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125657:*:*:*:*:*:*",
"matchCriteriaId": "187ADAD1-1AEC-447D-8818-C02AE12C4505",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "88C4DF20-F8A7-4673-9639-42522C6BB3C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "722ACCC8-EC9C-4700-A5D0-5C6EFE8E36AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "FC0970ED-62DC-442B-AA29-618ADBD66E13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126002:*:*:*:*:*:*",
"matchCriteriaId": "B09FDE60-23E6-4738-857C-8E4A974BDED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "8D6852F2-14B0-4EAE-B420-67A0103C10EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126101:*:*:*:*:*:*",
"matchCriteriaId": "BF0CBE7F-B124-4ABD-82F5-CB85341CAC86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126102:*:*:*:*:*:*",
"matchCriteriaId": "08A4CCDD-0892-4FF3-8E17-41D6AB8FC747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126103:*:*:*:*:*:*",
"matchCriteriaId": "2DB6B15E-6513-4590-A5C1-A949341411F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126104:*:*:*:*:*:*",
"matchCriteriaId": "F7367402-515B-4055-B19F-2FF7699C2C94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "C1DF8B30-1820-4DA1-AB30-996FCC99192B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126114:*:*:*:*:*:*",
"matchCriteriaId": "09C0FF80-AF4C-47F9-B35C-12A7F2843D0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126115:*:*:*:*:*:*",
"matchCriteriaId": "6445A4A5-E41D-4B60-88E7-0E5B66C2A096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126116:*:*:*:*:*:*",
"matchCriteriaId": "645D9C07-A2F4-4E8B-B2FD-39330CD7BE14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "63739B14-BBAF-4F12-A178-36CE2C0F6B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126118:*:*:*:*:*:*",
"matchCriteriaId": "B4E90D5B-95BB-4443-B7A6-8083245677B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126119:*:*:*:*:*:*",
"matchCriteriaId": "229795D9-D38B-4EAE-8725-208D245E02FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "A436DAC3-05F7-48DE-A2E2-0084AE31D9A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125451:*:*:*:*:*:*",
"matchCriteriaId": "544961BA-03CA-49D6-AB7C-CFF597B3BB8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125452:*:*:*:*:*:*",
"matchCriteriaId": "9CDBD0CB-8495-44A1-BF9B-29A195D9F718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125453:*:*:*:*:*:*",
"matchCriteriaId": "73B5365C-92ED-41CC-9B05-8BB1FE21F3C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125455:*:*:*:*:*:*",
"matchCriteriaId": "B652092E-570C-4D4E-A133-627426C50F6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125456:*:*:*:*:*:*",
"matchCriteriaId": "DC13FB20-119C-47F9-870D-399811661896",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125457:*:*:*:*:*:*",
"matchCriteriaId": "BC457292-04FE-4643-8F1D-05DAEF3F70BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125466:*:*:*:*:*:*",
"matchCriteriaId": "29CBDA2B-5A6A-4DB0-AC37-EAD8E05B55BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125467:*:*:*:*:*:*",
"matchCriteriaId": "CD266A0D-E726-4BC7-B3B9-6E3176415188",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125468:*:*:*:*:*:*",
"matchCriteriaId": "046B7B6F-85DE-4BDB-8860-ECA208C4D697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125469:*:*:*:*:*:*",
"matchCriteriaId": "C60E51D9-A842-49FF-8793-84C074DBE5EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125470:*:*:*:*:*:*",
"matchCriteriaId": "753B2FC9-342B-4456-85D9-27734BE7C6FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125476:*:*:*:*:*:*",
"matchCriteriaId": "BE930B14-4B22-4299-8DE8-7625342FC4E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125482:*:*:*:*:*:*",
"matchCriteriaId": "45B93007-AD6A-4978-9752-41DF72D34A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125483:*:*:*:*:*:*",
"matchCriteriaId": "863CBACB-F9A3-44AC-B795-C2C0EB5C9E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125485:*:*:*:*:*:*",
"matchCriteriaId": "AB28B644-BFD0-4588-B544-A139B26DDDE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125486:*:*:*:*:*:*",
"matchCriteriaId": "944F7C2F-53D4-4933-BD63-DF15C5A5CD65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125487:*:*:*:*:*:*",
"matchCriteriaId": "F6D0F0D1-7DF5-4C8D-9B31-B347E5A567DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125488:*:*:*:*:*:*",
"matchCriteriaId": "870A721F-2991-4041-AB1D-DE3D953B8669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125489:*:*:*:*:*:*",
"matchCriteriaId": "4F7FC0E5-8D0D-45CF-AEFA-180B79BC8B0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125567:*:*:*:*:*:*",
"matchCriteriaId": "7D394493-D690-44F0-B3F0-FD39E46F31C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125568:*:*:*:*:*:*",
"matchCriteriaId": "AF8CBF57-EF1A-4C84-879B-1A4035F4236A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125587:*:*:*:*:*:*",
"matchCriteriaId": "2F1E924E-8896-41CE-82E2-F22943A02FCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125588:*:*:*:*:*:*",
"matchCriteriaId": "FB058840-E3D0-45FA-B95F-3445A7719118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125589:*:*:*:*:*:*",
"matchCriteriaId": "FD9B23C4-3458-4E6C-B1AB-D4A36BE8FFA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125597:*:*:*:*:*:*",
"matchCriteriaId": "D2A7AA89-7233-4624-894A-B2B996D1D270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125598:*:*:*:*:*:*",
"matchCriteriaId": "B6B402ED-8B64-4FB0-B9E7-76E499A4115F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125599:*:*:*:*:*:*",
"matchCriteriaId": "4E8B01F2-0A03-48CF-8BAE-556A9C3D88FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125601:*:*:*:*:*:*",
"matchCriteriaId": "3C07E022-B75C-4491-8A30-9A1532D0472C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125603:*:*:*:*:*:*",
"matchCriteriaId": "00E92DB5-8D53-4129-92D0-AD1DA0F1FEB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125604:*:*:*:*:*:*",
"matchCriteriaId": "913CD99C-8F47-47BD-BD7C-33762861BB08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125605:*:*:*:*:*:*",
"matchCriteriaId": "67B7F52E-7D7A-4AA9-9241-FFCC3DD49BBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125611:*:*:*:*:*:*",
"matchCriteriaId": "D02650C3-1A7F-4889-B6CB-11994054B5F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125612:*:*:*:*:*:*",
"matchCriteriaId": "01FEA1CA-351B-4E2B-A78E-60338682F97F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125613:*:*:*:*:*:*",
"matchCriteriaId": "04C9E097-FE04-42BD-96C8-2A3A9FD50B25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125614:*:*:*:*:*:*",
"matchCriteriaId": "94F895DB-C865-4AED-A1D9-CE69C0EF52FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125615:*:*:*:*:*:*",
"matchCriteriaId": "8B565B12-283F-4323-9C88-FD3CF5646DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125616:*:*:*:*:*:*",
"matchCriteriaId": "9FDC3394-293E-44CF-A83F-FE047A4E4DE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125617:*:*:*:*:*:*",
"matchCriteriaId": "01846F8F-D7D6-4CD9-B83E-41B70C691761",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125628:*:*:*:*:*:*",
"matchCriteriaId": "CAE013FC-357D-42DA-B223-D40B3C813089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125629:*:*:*:*:*:*",
"matchCriteriaId": "E4BA87E9-5E37-41EE-835C-13F68ABC9C06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125630:*:*:*:*:*:*",
"matchCriteriaId": "D2034E17-2DB9-4229-B7D4-D14761CEE699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125631:*:*:*:*:*:*",
"matchCriteriaId": "39FBAFB9-5703-4EEA-BFF3-45B958E0805F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125632:*:*:*:*:*:*",
"matchCriteriaId": "775D060A-773F-40BE-8FF3-6353EEA6A6BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125634:*:*:*:*:*:*",
"matchCriteriaId": "D8326A48-9DDB-4502-B97F-ABCB151E2C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125635:*:*:*:*:*:*",
"matchCriteriaId": "94ACC068-8260-4331-8B1C-E19B66D0738B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125638:*:*:*:*:*:*",
"matchCriteriaId": "FE3C3B0A-BD28-4291-BD28-61A1EEB7AE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125639:*:*:*:*:*:*",
"matchCriteriaId": "94A96109-2BDE-4836-B1BF-FC90003DC018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125645:*:*:*:*:*:*",
"matchCriteriaId": "E1303424-7BCA-4445-BDBC-B4B546E0ED05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125648:*:*:*:*:*:*",
"matchCriteriaId": "EFFB585B-80EB-4EA3-BEC6-4E34FE952948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125649:*:*:*:*:*:*",
"matchCriteriaId": "8D7B62B9-AAD9-4021-A806-21E61719E437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125651:*:*:*:*:*:*",
"matchCriteriaId": "F1BF50D1-031E-4E39-9D15-FFC2CFB636D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125652:*:*:*:*:*:*",
"matchCriteriaId": "F045D3C8-315C-42AB-B9D0-4B5267E70417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125653:*:*:*:*:*:*",
"matchCriteriaId": "AC4FD2D6-9BA7-4889-96A2-DC946831469F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125654:*:*:*:*:*:*",
"matchCriteriaId": "3D86914B-49B5-4002-A4C7-3712C87F7626",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125655:*:*:*:*:*:*",
"matchCriteriaId": "9B2EBC6B-0C4D-40A7-A1B7-4AC7BF98A744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125656:*:*:*:*:*:*",
"matchCriteriaId": "2C5ED401-A964-44D5-AB2F-C07D35BD96D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125657:*:*:*:*:*:*",
"matchCriteriaId": "E424B820-3C4E-45C0-B74F-470E1E331127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "1C14D389-AA7A-4CD3-A0B5-EF052907FEE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "48C09D5D-BC77-42DC-9A72-00A71F8C1A21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "14269E88-7186-4F2C-B770-964D0AD7D414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126002:*:*:*:*:*:*",
"matchCriteriaId": "31498701-6732-40E4-8F3D-55EE8A77D61B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "C46D091F-095F-4F1D-8D16-1021E15BC963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126101:*:*:*:*:*:*",
"matchCriteriaId": "2AE780F5-EF56-45F3-A5E7-805A24C04A97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126102:*:*:*:*:*:*",
"matchCriteriaId": "212A00BA-ED01-45F3-9E9C-9E6B75B82CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126103:*:*:*:*:*:*",
"matchCriteriaId": "CBFA159F-0293-4E44-BB20-173021991107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126104:*:*:*:*:*:*",
"matchCriteriaId": "356504E5-BE0A-4F54-8713-AC9EA29D189C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "27D49B1C-1140-4CA7-B10A-9B59ACE69208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126114:*:*:*:*:*:*",
"matchCriteriaId": "1979F66B-749E-41F8-9CBD-E4AD4483B500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126115:*:*:*:*:*:*",
"matchCriteriaId": "BC5A1967-8D4F-4090-A2BA-5FFCEAA2EFFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126116:*:*:*:*:*:*",
"matchCriteriaId": "50D85F0C-201C-44D3-92C7-261095B4B03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "36B6C5A9-FC13-4AB0-BE8B-9DFA8FDB0C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126118:*:*:*:*:*:*",
"matchCriteriaId": "B621572C-448C-43C4-AF8E-EEBCFADF3630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126119:*:*:*:*:*:*",
"matchCriteriaId": "AAAF3692-3979-494B-831A-D8BFE127A6C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "342D59C3-B7A8-44AF-8298-743F5487CD91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125656:*:*:*:*:*:*",
"matchCriteriaId": "9A6D1AC1-8480-42C9-90C6-F47E58B7E44B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125657:*:*:*:*:*:*",
"matchCriteriaId": "8BBD4797-AC5A-4CBE-8878-067116BB8E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "F31C74BA-085E-482C-A1E8-D6E9A69462B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "5D3E1BC5-7D01-45E9-A92D-7F2D623F1C4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "B15B6E60-9DF9-4524-8387-8CF0B2B6D0F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126002:*:*:*:*:*:*",
"matchCriteriaId": "DEB00990-C73C-4B46-B87D-80E3B5B39302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "06AEE3B8-3A71-466D-880F-B39E6E4D9899",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126103:*:*:*:*:*:*",
"matchCriteriaId": "C7E2FFFB-975D-4FFF-A54E-01336B2687BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126104:*:*:*:*:*:*",
"matchCriteriaId": "34A43740-26B4-4D73-BC53-7D14529BA78B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "4C1FB9D8-1DA7-486C-9418-9C00F4D184D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "F78374E4-E4AF-4E77-9AE6-BEC58DCAB6AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126119:*:*:*:*:*:*",
"matchCriteriaId": "8912068D-3412-47E5-A790-0CDB29E05F20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "989668B0-0AEB-4E8B-AC51-42058CC6AC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125656:*:*:*:*:*:*",
"matchCriteriaId": "DC747248-7154-440A-BCD7-2E0F8ACFC042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125657:*:*:*:*:*:*",
"matchCriteriaId": "6A811C73-AE4A-4B56-841E-A8F2649463E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "F4791DD2-AD34-4239-85CB-D87080D97AA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "F6E1060D-0E32-4330-BB0A-C35D5E11BCE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "FB7DAAA8-6A7B-41EF-8783-7EFDEE747332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126002:*:*:*:*:*:*",
"matchCriteriaId": "87907DDD-12AF-435A-A005-893FED115AAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "EA101FBC-D697-4A7E-B539-79097228B735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126103:*:*:*:*:*:*",
"matchCriteriaId": "4CC9EF3C-6768-4976-94C8-3FBEE6093ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126104:*:*:*:*:*:*",
"matchCriteriaId": "362871E6-BF7C-46D4-8EFE-C87E96C71799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "B5934D8A-C10F-47BC-BB73-45B8CB71C686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "59E334B0-6BF6-4674-9D9D-7E9C988BAB57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126119:*:*:*:*:*:*",
"matchCriteriaId": "E866F2AE-FB51-4270-A673-B1299C7CD2F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "2BF85206-863D-493C-88F4-15B0BA5276A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125451:*:*:*:*:*:*",
"matchCriteriaId": "3C9DE996-1DEC-4AF0-89FD-1E3DA3967BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125452:*:*:*:*:*:*",
"matchCriteriaId": "75FF4D85-97C8-4DF4-ADE6-EDE8EC2DD5BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125453:*:*:*:*:*:*",
"matchCriteriaId": "9CAC6467-19F7-4CB2-A5FC-B57A14F4636C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125455:*:*:*:*:*:*",
"matchCriteriaId": "60EB56E2-7367-4488-A00D-41464E86B06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125456:*:*:*:*:*:*",
"matchCriteriaId": "3E315636-0897-4421-882D-E8196F7ACAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125657:*:*:*:*:*:*",
"matchCriteriaId": "6DC52F3E-EC5F-404B-ABD7-615B8AB522A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "E3552F71-C708-41A4-9168-5673C086F507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "9505C545-2540-4554-B774-6ECCD64D6115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "06CF15AE-51A6-4FB4-A0DA-6097F0B2BE98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126002:*:*:*:*:*:*",
"matchCriteriaId": "7B97826F-4765-4D11-972E-EEA0E23CE7CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "11A17B44-C69A-424A-A305-0AD61DCDA2A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126101:*:*:*:*:*:*",
"matchCriteriaId": "8600CCB2-4642-4760-AE10-854446251673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126102:*:*:*:*:*:*",
"matchCriteriaId": "087A0139-FA4B-4C85-BAAD-1BDCF7B5F91B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126103:*:*:*:*:*:*",
"matchCriteriaId": "2F3B1A89-93A9-43F1-9246-E2081F26DBBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126104:*:*:*:*:*:*",
"matchCriteriaId": "D24EB0A7-64AB-4203-BDAC-57867083FF6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "9A7C64F7-9B85-4C7F-95B9-468200D2EA7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126114:*:*:*:*:*:*",
"matchCriteriaId": "1EE78F81-5F9D-4B98-BA82-24EE281041C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126115:*:*:*:*:*:*",
"matchCriteriaId": "298A1371-E23E-4954-8C16-B0F70A575A77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126116:*:*:*:*:*:*",
"matchCriteriaId": "BA174B71-5D43-4783-8744-1A4020A157C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "ADB451D9-106E-40DA-A499-B1D8DB1B78BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126119:*:*:*:*:*:*",
"matchCriteriaId": "156225CC-1B65-4AB2-80CE-806491E0E973",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature."
},
{
"lang": "es",
"value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer y OpUtils versiones anteriores a 125658, 126003, 126105 y 126120, permiten a usuarios autenticados realizar cambios en la base de datos que conllevan a una ejecuci\u00f3n de c\u00f3digo remota en la funci\u00f3n NMAP"
}
],
"id": "CVE-2022-38772",
"lastModified": "2024-11-21T07:17:03.677",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-29T21:15:09.227",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://manageengine.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.manageengine.com/itom/advisory/cve-2022-38772.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://manageengine.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.manageengine.com/itom/advisory/cve-2022-38772.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-09 00:59
Modified
2024-11-21 02:31
Severity ?
Summary
Zoho NetFlow Analyzer build 10250 and earlier does not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zohocorp | manageengine_netflow_analyzer | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0940949F-4EB4-460B-8CE9-56B6387250F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Zoho NetFlow Analyzer build 10250 and earlier does not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation."
},
{
"lang": "es",
"value": "Zoho NetFlow Analyzer build 10250 y anteriores no tiene un atributo \u0027apagar el auto completado\u0027 (off autocomplete) para un campo de contrase\u00f1a, lo que facilita a atacantes remotos obtener el acceso mediante el aprovechamiento de una estaci\u00f3n de trabajo desatendida."
}
],
"id": "CVE-2015-4418",
"lastModified": "2024-11-21T02:31:01.707",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-09T00:59:04.510",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75068"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032516"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75068"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032516"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-21 16:01
Modified
2024-11-21 04:48
Severity ?
Summary
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/addMailSettings.jsp" file in the gF parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html | Exploit, Patch, Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://seclists.org/fulldisclosure/2019/Feb/29 | Exploit, Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | https://www.manageengine.com/products/netflow/?doc | Product, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html | Exploit, Patch, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Feb/29 | Exploit, Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.manageengine.com/products/netflow/?doc | Product, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zohocorp | manageengine_netflow_analyzer | 7.0.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C610B76C-FD74-4B2E-AF19-B2ABC7B0B275",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone \"/netflow/jspui/addMailSettings.jsp\" file in the gF parameter."
},
{
"lang": "es",
"value": "Existe Cross-Site Scripting (XSS) en Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 en la zona de Administrador en el archivo \"/netflow/jspui/addMailSettings.jsp\" en el par\u00e1metro gF."
}
],
"id": "CVE-2019-7422",
"lastModified": "2024-11-21T04:48:11.907",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-21T16:01:13.140",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
},
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-17 14:29
Modified
2024-11-21 04:50
Severity ?
Summary
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/popup1.jsp file via these GET parameters: bussAlert, customDev, and selSource.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://seclists.org/fulldisclosure/2019/Feb/45 | Exploit, Mailing List, Third Party Advisory | |
| cve@mitre.org | https://www.exploit-db.com/exploits/46425/ | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.manageengine.com/products/netflow/?doc | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Feb/45 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/46425/ | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.manageengine.com/products/netflow/?doc | Product |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zohocorp | manageengine_netflow_analyzer | 7.0.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:7.0.0.2:*:*:*:professional:*:*:*",
"matchCriteriaId": "E8A06D7A-579E-40E2-9E31-8127E90869FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/popup1.jsp file via these GET parameters: bussAlert, customDev, and selSource."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS existe en el archivo /netflow/jspui/popup1.jsp de la zona de administraci\u00f3n a trav\u00e9s de estos par\u00e1metros GET: bussAlert, customDev y selSource."
}
],
"id": "CVE-2019-8926",
"lastModified": "2024-11-21T04:50:40.433",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-17T14:29:00.217",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/46425/"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/46425/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-09 00:59
Modified
2024-11-21 02:28
Severity ?
Summary
Zoho NetFlow Analyzer build 10250 and earlier does not check for administrative authorization, which allows remote attackers to obtain sensitive information, modify passwords, or remove accounts by leveraging the guest role.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zohocorp | manageengine_netflow_analyzer | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0940949F-4EB4-460B-8CE9-56B6387250F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Zoho NetFlow Analyzer build 10250 and earlier does not check for administrative authorization, which allows remote attackers to obtain sensitive information, modify passwords, or remove accounts by leveraging the guest role."
},
{
"lang": "es",
"value": "Zoho NetFlow Analyzer build 10250 y anteriores no comprueba para la autorizaci\u00f3n administrativa, lo que permite a atacantes remotos obtener informaci\u00f3n sensible, modificar contrase\u00f1as o eliminar cuentas mediante el aprovechamiento del role de invitado."
}
],
"id": "CVE-2015-2959",
"lastModified": "2024-11-21T02:28:23.820",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-09T00:59:01.353",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN25598413/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000075"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.securityfocus.com/bid/75065"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.securitytracker.com/id/1032516"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN25598413/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000075"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032516"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-21 16:01
Modified
2024-11-21 04:48
Severity ?
Summary
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/editProfile.jsp" file in the userName parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html | Exploit, Patch, Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://seclists.org/fulldisclosure/2019/Feb/29 | Exploit, Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | https://www.manageengine.com/products/netflow/?doc | Product, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html | Exploit, Patch, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Feb/29 | Exploit, Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.manageengine.com/products/netflow/?doc | Product, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zohocorp | manageengine_netflow_analyzer | 7.0.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C610B76C-FD74-4B2E-AF19-B2ABC7B0B275",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone \"/netflow/jspui/editProfile.jsp\" file in the userName parameter."
},
{
"lang": "es",
"value": "Existe Cross-Site Scripting (XSS) en Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 en la zona de Administrador en el archivo \"/netflow/jspui/editProfile.jsp\" en el par\u00e1metro userName."
}
],
"id": "CVE-2019-7423",
"lastModified": "2024-11-21T04:48:12.067",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-21T16:01:13.187",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
},
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-10 20:16
Modified
2024-11-21 07:14
Severity ?
Summary
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "95767F18-02DA-4B39-941E-3111639A8295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125451:*:*:*:*:*:*",
"matchCriteriaId": "3D6B8568-FCE8-4283-A41A-98DDA07B3631",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125452:*:*:*:*:*:*",
"matchCriteriaId": "D6CF42CA-ED4F-4184-B392-B9BA6846A7D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125453:*:*:*:*:*:*",
"matchCriteriaId": "2AFC22CB-4540-498A-AAA1-0F6D1676F290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125455:*:*:*:*:*:*",
"matchCriteriaId": "6585CDEA-9649-45A3-8965-E2CEAB1ADFCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125456:*:*:*:*:*:*",
"matchCriteriaId": "5D9F4070-68B1-4444-991A-A2CB0063442A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "EF7CDF11-A00E-47B6-B8E3-512998134656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "A0B3AA58-0D48-4152-BF08-357D4A2098AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "22171713-63E5-42F8-BD7B-835447371595",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "D42A5730-622F-4903-991D-B54881349ABC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126101:*:*:*:*:*:*",
"matchCriteriaId": "EC69DF45-45F8-4C7B-8457-666270C95895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126102:*:*:*:*:*:*",
"matchCriteriaId": "A33E48DB-3CC9-43FD-85F8-0F3C389B961E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126103:*:*:*:*:*:*",
"matchCriteriaId": "389CF8B9-F431-4369-A581-4BFBA1305A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "DBD1E3BA-4112-4AD5-A616-BCFD2D5C5FDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126114:*:*:*:*:*:*",
"matchCriteriaId": "4FFD8500-5E07-4B3E-88EC-27C403A9B44E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126115:*:*:*:*:*:*",
"matchCriteriaId": "0BED22ED-D040-4439-AEC6-8CCD74F29217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126116:*:*:*:*:*:*",
"matchCriteriaId": "4D1C56BB-D28D-48B6-BA6B-7B403E248648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "A49349AE-4EA2-4CE4-B8B9-326D44264B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "BEC805D2-CFDC-40DE-AA70-42A91461BEE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125451:*:*:*:*:*:*",
"matchCriteriaId": "4767BF5A-B867-44BB-B152-E2AFA63B06D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125452:*:*:*:*:*:*",
"matchCriteriaId": "5855C471-07AB-4A96-9631-26C6C8B01F67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125453:*:*:*:*:*:*",
"matchCriteriaId": "5075910F-3676-439A-879A-5CBE2C734347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125455:*:*:*:*:*:*",
"matchCriteriaId": "20808F91-7F08-4BA9-9075-C54337EC68E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125456:*:*:*:*:*:*",
"matchCriteriaId": "C700CE3B-31B5-4B4D-A378-70EC26D6F88B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "574117B3-2785-4971-ABBE-55C08010E16B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "8C4AA98C-BFFE-46E9-A3C3-D37298A8F6F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "B907FD6F-BA43-4D8D-90C4-F51CD693E9B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "B6CF111E-B976-46D1-A246-B7D1750FFC45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126101:*:*:*:*:*:*",
"matchCriteriaId": "36CBCAF8-B7FE-4611-A9DE-C82BCDE81A86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126102:*:*:*:*:*:*",
"matchCriteriaId": "33D8FC4D-0EF1-4C5B-A677-7269FFF068C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126103:*:*:*:*:*:*",
"matchCriteriaId": "C510DE4D-B2AB-404D-BA49-3CE09FAECB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "6594EF08-E72F-4A59-86DB-B63E0CCE4463",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126114:*:*:*:*:*:*",
"matchCriteriaId": "219B0F9E-A087-4AA2-B723-E3D68BEC9D21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126115:*:*:*:*:*:*",
"matchCriteriaId": "852A63FF-F97B-4BB9-869F-383E9FABE929",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126116:*:*:*:*:*:*",
"matchCriteriaId": "FA6C4793-6913-4C51-A2D4-B906D2CBEA94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "3AF232D9-6735-4296-91C8-A451A1801287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "855EA944-CB73-4193-94E0-9D706FF554C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125451:*:*:*:*:*:*",
"matchCriteriaId": "002FDBC8-72DE-46C6-A84B-B4A51F3228F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125452:*:*:*:*:*:*",
"matchCriteriaId": "AABA0E18-790D-4A86-91C4-1C50D2B6167C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125453:*:*:*:*:*:*",
"matchCriteriaId": "797C3F7A-E5CE-48B7-9BC1-4A637131C061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125455:*:*:*:*:*:*",
"matchCriteriaId": "7EE387F3-24C8-4933-A25E-D9C4026469D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125456:*:*:*:*:*:*",
"matchCriteriaId": "2D219374-C6A2-4A28-AF41-ABC633D8C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "88C4DF20-F8A7-4673-9639-42522C6BB3C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "722ACCC8-EC9C-4700-A5D0-5C6EFE8E36AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "FC0970ED-62DC-442B-AA29-618ADBD66E13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "8D6852F2-14B0-4EAE-B420-67A0103C10EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126101:*:*:*:*:*:*",
"matchCriteriaId": "BF0CBE7F-B124-4ABD-82F5-CB85341CAC86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126102:*:*:*:*:*:*",
"matchCriteriaId": "08A4CCDD-0892-4FF3-8E17-41D6AB8FC747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126103:*:*:*:*:*:*",
"matchCriteriaId": "2DB6B15E-6513-4590-A5C1-A949341411F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "C1DF8B30-1820-4DA1-AB30-996FCC99192B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126114:*:*:*:*:*:*",
"matchCriteriaId": "09C0FF80-AF4C-47F9-B35C-12A7F2843D0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126115:*:*:*:*:*:*",
"matchCriteriaId": "6445A4A5-E41D-4B60-88E7-0E5B66C2A096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126116:*:*:*:*:*:*",
"matchCriteriaId": "645D9C07-A2F4-4E8B-B2FD-39330CD7BE14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "63739B14-BBAF-4F12-A178-36CE2C0F6B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "A436DAC3-05F7-48DE-A2E2-0084AE31D9A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125451:*:*:*:*:*:*",
"matchCriteriaId": "544961BA-03CA-49D6-AB7C-CFF597B3BB8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125452:*:*:*:*:*:*",
"matchCriteriaId": "9CDBD0CB-8495-44A1-BF9B-29A195D9F718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125453:*:*:*:*:*:*",
"matchCriteriaId": "73B5365C-92ED-41CC-9B05-8BB1FE21F3C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125455:*:*:*:*:*:*",
"matchCriteriaId": "B652092E-570C-4D4E-A133-627426C50F6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125456:*:*:*:*:*:*",
"matchCriteriaId": "DC13FB20-119C-47F9-870D-399811661896",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "1C14D389-AA7A-4CD3-A0B5-EF052907FEE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "48C09D5D-BC77-42DC-9A72-00A71F8C1A21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "14269E88-7186-4F2C-B770-964D0AD7D414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "C46D091F-095F-4F1D-8D16-1021E15BC963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126101:*:*:*:*:*:*",
"matchCriteriaId": "2AE780F5-EF56-45F3-A5E7-805A24C04A97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126102:*:*:*:*:*:*",
"matchCriteriaId": "212A00BA-ED01-45F3-9E9C-9E6B75B82CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126103:*:*:*:*:*:*",
"matchCriteriaId": "CBFA159F-0293-4E44-BB20-173021991107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "27D49B1C-1140-4CA7-B10A-9B59ACE69208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126114:*:*:*:*:*:*",
"matchCriteriaId": "1979F66B-749E-41F8-9CBD-E4AD4483B500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126115:*:*:*:*:*:*",
"matchCriteriaId": "BC5A1967-8D4F-4090-A2BA-5FFCEAA2EFFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126116:*:*:*:*:*:*",
"matchCriteriaId": "50D85F0C-201C-44D3-92C7-261095B4B03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "36B6C5A9-FC13-4AB0-BE8B-9DFA8FDB0C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "342D59C3-B7A8-44AF-8298-743F5487CD91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125656:*:*:*:*:*:*",
"matchCriteriaId": "9A6D1AC1-8480-42C9-90C6-F47E58B7E44B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "F31C74BA-085E-482C-A1E8-D6E9A69462B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "5D3E1BC5-7D01-45E9-A92D-7F2D623F1C4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "B15B6E60-9DF9-4524-8387-8CF0B2B6D0F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "06AEE3B8-3A71-466D-880F-B39E6E4D9899",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126103:*:*:*:*:*:*",
"matchCriteriaId": "C7E2FFFB-975D-4FFF-A54E-01336B2687BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "4C1FB9D8-1DA7-486C-9418-9C00F4D184D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "F78374E4-E4AF-4E77-9AE6-BEC58DCAB6AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "989668B0-0AEB-4E8B-AC51-42058CC6AC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125656:*:*:*:*:*:*",
"matchCriteriaId": "DC747248-7154-440A-BCD7-2E0F8ACFC042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "F4791DD2-AD34-4239-85CB-D87080D97AA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "F6E1060D-0E32-4330-BB0A-C35D5E11BCE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "FB7DAAA8-6A7B-41EF-8783-7EFDEE747332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "EA101FBC-D697-4A7E-B539-79097228B735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126103:*:*:*:*:*:*",
"matchCriteriaId": "4CC9EF3C-6768-4976-94C8-3FBEE6093ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "B5934D8A-C10F-47BC-BB73-45B8CB71C686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "59E334B0-6BF6-4674-9D9D-7E9C988BAB57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "2BF85206-863D-493C-88F4-15B0BA5276A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125451:*:*:*:*:*:*",
"matchCriteriaId": "3C9DE996-1DEC-4AF0-89FD-1E3DA3967BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125452:*:*:*:*:*:*",
"matchCriteriaId": "75FF4D85-97C8-4DF4-ADE6-EDE8EC2DD5BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125453:*:*:*:*:*:*",
"matchCriteriaId": "9CAC6467-19F7-4CB2-A5FC-B57A14F4636C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125455:*:*:*:*:*:*",
"matchCriteriaId": "60EB56E2-7367-4488-A00D-41464E86B06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125456:*:*:*:*:*:*",
"matchCriteriaId": "3E315636-0897-4421-882D-E8196F7ACAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "E3552F71-C708-41A4-9168-5673C086F507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "9505C545-2540-4554-B774-6ECCD64D6115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "06CF15AE-51A6-4FB4-A0DA-6097F0B2BE98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "11A17B44-C69A-424A-A305-0AD61DCDA2A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126101:*:*:*:*:*:*",
"matchCriteriaId": "8600CCB2-4642-4760-AE10-854446251673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126102:*:*:*:*:*:*",
"matchCriteriaId": "087A0139-FA4B-4C85-BAAD-1BDCF7B5F91B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126103:*:*:*:*:*:*",
"matchCriteriaId": "2F3B1A89-93A9-43F1-9246-E2081F26DBBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "9A7C64F7-9B85-4C7F-95B9-468200D2EA7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126114:*:*:*:*:*:*",
"matchCriteriaId": "1EE78F81-5F9D-4B98-BA82-24EE281041C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126115:*:*:*:*:*:*",
"matchCriteriaId": "298A1371-E23E-4954-8C16-B0F70A575A77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126116:*:*:*:*:*:*",
"matchCriteriaId": "BA174B71-5D43-4783-8744-1A4020A157C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "ADB451D9-106E-40DA-A499-B1D8DB1B78BC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution."
},
{
"lang": "es",
"value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer y OpUtils versiones anteriores a 29-07-2022 hasta 30-07-2022 ( 125658, 126003, 126105 y 126120) permiten a usuarios autenticados realizar cambios en la base de datos que conllevan a una ejecuci\u00f3n de c\u00f3digo remota"
}
],
"id": "CVE-2022-37024",
"lastModified": "2024-11-21T07:14:18.503",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-10T20:16:05.147",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.manageengine.com/itom/advisory/cve-2022-37024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.manageengine.com/itom/advisory/cve-2022-37024.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-17 15:29
Modified
2024-11-21 04:50
Severity ?
Summary
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/selectDevice.jsp file in these GET parameters: param and rtype.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zohocorp | manageengine_netflow_analyzer | 7.0.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:7.0.0.2:*:*:*:professional:*:*:*",
"matchCriteriaId": "E8A06D7A-579E-40E2-9E31-8127E90869FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/selectDevice.jsp file in these GET parameters: param and rtype."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS existe en la zona de Administraci\u00f3n /netflow/jspui/selectDevice.jsp en estos par\u00e1metros GET: param y rtype."
}
],
"id": "CVE-2019-8929",
"lastModified": "2024-11-21T04:50:40.890",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-17T15:29:00.553",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/46425/"
},
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/46425/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-07 19:29
Modified
2024-11-21 04:48
Severity ?
Summary
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the groupDesc, groupName, groupID, or task parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://seclists.org/fulldisclosure/2019/Feb/29 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Feb/29 | Exploit, Mailing List, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zohocorp | manageengine_netflow_analyzer | 7.0.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:7.0.0.2:*:*:*:professional:*:*:*",
"matchCriteriaId": "E8A06D7A-579E-40E2-9E31-8127E90869FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone \"/netflow/jspui/linkdownalertConfig.jsp\" file in the groupDesc, groupName, groupID, or task parameter."
},
{
"lang": "es",
"value": "XSS en Zoho ManageEngine Netflow Analyzer Professional v7.0.0.0.2 en el archivo \"/netflow/jspui/linkdownalertConfig.jsp\" del groupDesc, groupName, groupID, o par\u00e1metro de tarea."
}
],
"id": "CVE-2019-7426",
"lastModified": "2024-11-21T04:48:12.523",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-07T19:29:01.223",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-17 15:29
Modified
2024-11-21 04:50
Severity ?
Summary
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/scheduleConfig.jsp file via these GET parameters: devSrc, emailId, excWeekModify, filterFlag, getFilter, mailReport, mset, popup, rep_schedule, rep_Type, schDesc, schName, schSource, selectDeviceDone, task, val10, and val11.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zohocorp | manageengine_netflow_analyzer | 7.0.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:7.0.0.2:*:*:*:professional:*:*:*",
"matchCriteriaId": "E8A06D7A-579E-40E2-9E31-8127E90869FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/scheduleConfig.jsp file via these GET parameters: devSrc, emailId, excWeekModify, filterFlag, getFilter, mailReport, mset, popup, rep_schedule, rep_Type, schDesc, schName, schSource, selectDeviceDone, task, val10, and val11."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS existe en la zona de administraci\u00f3n /netflow/jspui/scheduleConfig.jsp a trav\u00e9s de estos par\u00e1metros GET: devSrc, emailId, excWeekModify, filterFlag, getFilter, mailReport, mset, popup, rep_schedule, rep_Type, schDesc, schName, schSource, selectDeviceDone, task, val10, and val11."
}
],
"id": "CVE-2019-8927",
"lastModified": "2024-11-21T04:50:40.583",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-17T15:29:00.223",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/46425/"
},
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/46425/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-06-18 22:15
Modified
2024-11-21 04:22
Severity ?
Summary
Multiple Zoho ManageEngine products suffer from local privilege escalation due to improper permissions for the %SYSTEMDRIVE%\ManageEngine directory and its sub-folders. Moreover, the services associated with said products try to execute binaries such as sc.exe from the current directory upon system start. This will effectively allow non-privileged users to escalate privileges to NT AUTHORITY\SYSTEM. This affects Desktop Central 10.0.380, EventLog Analyzer 12.0.2, ServiceDesk Plus 10.0.0, SupportCenter Plus 8.1, O365 Manager Plus 4.0, Mobile Device Manager Plus 9.0.0, Patch Connect Plus 9.0.0, Vulnerability Manager Plus 9.0.0, Patch Manager Plus 9.0.0, OpManager 12.3, NetFlow Analyzer 11.0, OpUtils 11.0, Network Configuration Manager 11.0, FireWall 12.0, Key Manager Plus 5.6, Password Manager Pro 9.9, Analytics Plus 1.0, and Browser Security Plus.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_analytics_plus:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14FAD4FD-CD54-4FE7-A849-A4837D3413B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_browser_security_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DB71331-CB4A-41FD-AC26-90F833ED9D52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.380:*:*:*:*:*:*:*",
"matchCriteriaId": "643C7F9E-F838-421C-BB13-ECCFDF073C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_eventlog_analyzer:12.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "67C97619-847C-43B7-ADC8-B9B9833FA5DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF81E8-5FEE-4178-9FB0-49CB377329BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_key_manager_plus:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "ABCFC9E0-7B46-46AB-87D4-596993A15859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_mobile_device_manager_plus:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2AF501-8A1A-4BB8-B796-0AFCF379B23A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "26D0B03D-B7B2-4E45-837A-C29DF895C065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB014B4E-EB9B-4B71-9E9C-EB28E254FBB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7C3D36-6C00-488D-B862-68EC243A9348",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "11843753-531F-4D94-AC7F-F23D6EC8728F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1B6B47F-EE8C-49C7-B2FF-B886C2D68849",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_password_manager_pro:9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3E409911-AB1C-47CA-9E69-484B7E16FC17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1451EC-1F96-42AF-BEC9-0D370E827643",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_manager_plus:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F64E8AC1-A456-46B8-8940-A200C328A7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD30D38-181E-4397-98DF-A7BE8D745A10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "457BE370-7CAF-4010-AC8C-A059F4892408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_vulnerability_manager_plus:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D50F7EAA-D965-4C81-867C-FE4FC0DC9BB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple Zoho ManageEngine products suffer from local privilege escalation due to improper permissions for the %SYSTEMDRIVE%\\ManageEngine directory and its sub-folders. Moreover, the services associated with said products try to execute binaries such as sc.exe from the current directory upon system start. This will effectively allow non-privileged users to escalate privileges to NT AUTHORITY\\SYSTEM. This affects Desktop Central 10.0.380, EventLog Analyzer 12.0.2, ServiceDesk Plus 10.0.0, SupportCenter Plus 8.1, O365 Manager Plus 4.0, Mobile Device Manager Plus 9.0.0, Patch Connect Plus 9.0.0, Vulnerability Manager Plus 9.0.0, Patch Manager Plus 9.0.0, OpManager 12.3, NetFlow Analyzer 11.0, OpUtils 11.0, Network Configuration Manager 11.0, FireWall 12.0, Key Manager Plus 5.6, Password Manager Pro 9.9, Analytics Plus 1.0, and Browser Security Plus."
},
{
"lang": "es",
"value": "Varios productos Zoho ManageEngine sufren una escalada de privilegios locales debido a permisos inapropiados para el directorio %SYSTEMDRIVE%\\ManageEngine y sus subcarpetas. Adem\u00e1s, los servicios asociados con dichos productos intentan ejecutar archivos binarios como sc.exe desde el directorio actual durante un inicio de sistema. Esto permitir\u00e1 efectivamente a los usuarios no privilegiados escalar sus privilegios a NT AUTHORITY\\SYSTEM. Esto afecta a Desktop Central versi\u00f3n 10.0.380, EventLog Analyzer versi\u00f3n 12.0.2, ServiceDesk Plus versi\u00f3n 10.0.0, SupportCenter Plus versi\u00f3n 8.1, O365 Manager Plus versi\u00f3n 4.0, Mobile Device Manager Plus versi\u00f3n 9.0.0, Patch Connect Plus versi\u00f3n 9.0.0, Vulnerability Manager Plus versi\u00f3n 9.0.0 , Patch Manager Plus versi\u00f3n 9.0.0, OpManager versi\u00f3n 12.3, NetFlow Analyzer versi\u00f3n 11.0, OpUtils versi\u00f3n 11.0, Network Configuration Manager versi\u00f3n 11.0, FireWall versi\u00f3n 12.0, Key Manager Plus versi\u00f3n 5.6, Password Manager Pro versi\u00f3n 9.9, Analytics Plus versi\u00f3n 1.0 y Browser Security Plus."
}
],
"id": "CVE-2019-12133",
"lastModified": "2024-11-21T04:22:17.113",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-18T22:15:12.027",
"references": [
{
"source": "cve@mitre.org",
"url": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-007.md"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/desktop-central/elevation-of-privilege-vulnerability.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-007.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/desktop-central/elevation-of-privilege-vulnerability.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
},
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-10 20:16
Modified
2024-11-21 07:14
Severity ?
Summary
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user's API key, and then access external APIs.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "95767F18-02DA-4B39-941E-3111639A8295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125451:*:*:*:*:*:*",
"matchCriteriaId": "3D6B8568-FCE8-4283-A41A-98DDA07B3631",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125452:*:*:*:*:*:*",
"matchCriteriaId": "D6CF42CA-ED4F-4184-B392-B9BA6846A7D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125453:*:*:*:*:*:*",
"matchCriteriaId": "2AFC22CB-4540-498A-AAA1-0F6D1676F290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125455:*:*:*:*:*:*",
"matchCriteriaId": "6585CDEA-9649-45A3-8965-E2CEAB1ADFCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125456:*:*:*:*:*:*",
"matchCriteriaId": "5D9F4070-68B1-4444-991A-A2CB0063442A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "EF7CDF11-A00E-47B6-B8E3-512998134656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "A0B3AA58-0D48-4152-BF08-357D4A2098AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "22171713-63E5-42F8-BD7B-835447371595",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "D42A5730-622F-4903-991D-B54881349ABC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126101:*:*:*:*:*:*",
"matchCriteriaId": "EC69DF45-45F8-4C7B-8457-666270C95895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126102:*:*:*:*:*:*",
"matchCriteriaId": "A33E48DB-3CC9-43FD-85F8-0F3C389B961E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126103:*:*:*:*:*:*",
"matchCriteriaId": "389CF8B9-F431-4369-A581-4BFBA1305A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "DBD1E3BA-4112-4AD5-A616-BCFD2D5C5FDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126114:*:*:*:*:*:*",
"matchCriteriaId": "4FFD8500-5E07-4B3E-88EC-27C403A9B44E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126115:*:*:*:*:*:*",
"matchCriteriaId": "0BED22ED-D040-4439-AEC6-8CCD74F29217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126116:*:*:*:*:*:*",
"matchCriteriaId": "4D1C56BB-D28D-48B6-BA6B-7B403E248648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "A49349AE-4EA2-4CE4-B8B9-326D44264B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "BEC805D2-CFDC-40DE-AA70-42A91461BEE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125451:*:*:*:*:*:*",
"matchCriteriaId": "4767BF5A-B867-44BB-B152-E2AFA63B06D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125452:*:*:*:*:*:*",
"matchCriteriaId": "5855C471-07AB-4A96-9631-26C6C8B01F67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125453:*:*:*:*:*:*",
"matchCriteriaId": "5075910F-3676-439A-879A-5CBE2C734347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125455:*:*:*:*:*:*",
"matchCriteriaId": "20808F91-7F08-4BA9-9075-C54337EC68E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125456:*:*:*:*:*:*",
"matchCriteriaId": "C700CE3B-31B5-4B4D-A378-70EC26D6F88B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "574117B3-2785-4971-ABBE-55C08010E16B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "8C4AA98C-BFFE-46E9-A3C3-D37298A8F6F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "B907FD6F-BA43-4D8D-90C4-F51CD693E9B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "B6CF111E-B976-46D1-A246-B7D1750FFC45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126101:*:*:*:*:*:*",
"matchCriteriaId": "36CBCAF8-B7FE-4611-A9DE-C82BCDE81A86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126102:*:*:*:*:*:*",
"matchCriteriaId": "33D8FC4D-0EF1-4C5B-A677-7269FFF068C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126103:*:*:*:*:*:*",
"matchCriteriaId": "C510DE4D-B2AB-404D-BA49-3CE09FAECB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "6594EF08-E72F-4A59-86DB-B63E0CCE4463",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126114:*:*:*:*:*:*",
"matchCriteriaId": "219B0F9E-A087-4AA2-B723-E3D68BEC9D21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126115:*:*:*:*:*:*",
"matchCriteriaId": "852A63FF-F97B-4BB9-869F-383E9FABE929",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126116:*:*:*:*:*:*",
"matchCriteriaId": "FA6C4793-6913-4C51-A2D4-B906D2CBEA94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "3AF232D9-6735-4296-91C8-A451A1801287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "855EA944-CB73-4193-94E0-9D706FF554C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125451:*:*:*:*:*:*",
"matchCriteriaId": "002FDBC8-72DE-46C6-A84B-B4A51F3228F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125452:*:*:*:*:*:*",
"matchCriteriaId": "AABA0E18-790D-4A86-91C4-1C50D2B6167C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125453:*:*:*:*:*:*",
"matchCriteriaId": "797C3F7A-E5CE-48B7-9BC1-4A637131C061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125455:*:*:*:*:*:*",
"matchCriteriaId": "7EE387F3-24C8-4933-A25E-D9C4026469D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125456:*:*:*:*:*:*",
"matchCriteriaId": "2D219374-C6A2-4A28-AF41-ABC633D8C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "88C4DF20-F8A7-4673-9639-42522C6BB3C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "722ACCC8-EC9C-4700-A5D0-5C6EFE8E36AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "FC0970ED-62DC-442B-AA29-618ADBD66E13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "8D6852F2-14B0-4EAE-B420-67A0103C10EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126101:*:*:*:*:*:*",
"matchCriteriaId": "BF0CBE7F-B124-4ABD-82F5-CB85341CAC86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126102:*:*:*:*:*:*",
"matchCriteriaId": "08A4CCDD-0892-4FF3-8E17-41D6AB8FC747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126103:*:*:*:*:*:*",
"matchCriteriaId": "2DB6B15E-6513-4590-A5C1-A949341411F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "C1DF8B30-1820-4DA1-AB30-996FCC99192B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126114:*:*:*:*:*:*",
"matchCriteriaId": "09C0FF80-AF4C-47F9-B35C-12A7F2843D0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126115:*:*:*:*:*:*",
"matchCriteriaId": "6445A4A5-E41D-4B60-88E7-0E5B66C2A096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126116:*:*:*:*:*:*",
"matchCriteriaId": "645D9C07-A2F4-4E8B-B2FD-39330CD7BE14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "63739B14-BBAF-4F12-A178-36CE2C0F6B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "A436DAC3-05F7-48DE-A2E2-0084AE31D9A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125451:*:*:*:*:*:*",
"matchCriteriaId": "544961BA-03CA-49D6-AB7C-CFF597B3BB8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125452:*:*:*:*:*:*",
"matchCriteriaId": "9CDBD0CB-8495-44A1-BF9B-29A195D9F718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125453:*:*:*:*:*:*",
"matchCriteriaId": "73B5365C-92ED-41CC-9B05-8BB1FE21F3C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125455:*:*:*:*:*:*",
"matchCriteriaId": "B652092E-570C-4D4E-A133-627426C50F6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125456:*:*:*:*:*:*",
"matchCriteriaId": "DC13FB20-119C-47F9-870D-399811661896",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "1C14D389-AA7A-4CD3-A0B5-EF052907FEE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "48C09D5D-BC77-42DC-9A72-00A71F8C1A21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "14269E88-7186-4F2C-B770-964D0AD7D414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "C46D091F-095F-4F1D-8D16-1021E15BC963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126101:*:*:*:*:*:*",
"matchCriteriaId": "2AE780F5-EF56-45F3-A5E7-805A24C04A97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126102:*:*:*:*:*:*",
"matchCriteriaId": "212A00BA-ED01-45F3-9E9C-9E6B75B82CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126103:*:*:*:*:*:*",
"matchCriteriaId": "CBFA159F-0293-4E44-BB20-173021991107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "27D49B1C-1140-4CA7-B10A-9B59ACE69208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126114:*:*:*:*:*:*",
"matchCriteriaId": "1979F66B-749E-41F8-9CBD-E4AD4483B500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126115:*:*:*:*:*:*",
"matchCriteriaId": "BC5A1967-8D4F-4090-A2BA-5FFCEAA2EFFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126116:*:*:*:*:*:*",
"matchCriteriaId": "50D85F0C-201C-44D3-92C7-261095B4B03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "36B6C5A9-FC13-4AB0-BE8B-9DFA8FDB0C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "342D59C3-B7A8-44AF-8298-743F5487CD91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125656:*:*:*:*:*:*",
"matchCriteriaId": "9A6D1AC1-8480-42C9-90C6-F47E58B7E44B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "F31C74BA-085E-482C-A1E8-D6E9A69462B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "5D3E1BC5-7D01-45E9-A92D-7F2D623F1C4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "B15B6E60-9DF9-4524-8387-8CF0B2B6D0F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "06AEE3B8-3A71-466D-880F-B39E6E4D9899",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126103:*:*:*:*:*:*",
"matchCriteriaId": "C7E2FFFB-975D-4FFF-A54E-01336B2687BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "4C1FB9D8-1DA7-486C-9418-9C00F4D184D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "F78374E4-E4AF-4E77-9AE6-BEC58DCAB6AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "989668B0-0AEB-4E8B-AC51-42058CC6AC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125656:*:*:*:*:*:*",
"matchCriteriaId": "DC747248-7154-440A-BCD7-2E0F8ACFC042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "F4791DD2-AD34-4239-85CB-D87080D97AA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "F6E1060D-0E32-4330-BB0A-C35D5E11BCE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "FB7DAAA8-6A7B-41EF-8783-7EFDEE747332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "EA101FBC-D697-4A7E-B539-79097228B735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126103:*:*:*:*:*:*",
"matchCriteriaId": "4CC9EF3C-6768-4976-94C8-3FBEE6093ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "B5934D8A-C10F-47BC-BB73-45B8CB71C686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "59E334B0-6BF6-4674-9D9D-7E9C988BAB57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "2BF85206-863D-493C-88F4-15B0BA5276A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125451:*:*:*:*:*:*",
"matchCriteriaId": "3C9DE996-1DEC-4AF0-89FD-1E3DA3967BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125452:*:*:*:*:*:*",
"matchCriteriaId": "75FF4D85-97C8-4DF4-ADE6-EDE8EC2DD5BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125453:*:*:*:*:*:*",
"matchCriteriaId": "9CAC6467-19F7-4CB2-A5FC-B57A14F4636C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125455:*:*:*:*:*:*",
"matchCriteriaId": "60EB56E2-7367-4488-A00D-41464E86B06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125456:*:*:*:*:*:*",
"matchCriteriaId": "3E315636-0897-4421-882D-E8196F7ACAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "E3552F71-C708-41A4-9168-5673C086F507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "9505C545-2540-4554-B774-6ECCD64D6115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "06CF15AE-51A6-4FB4-A0DA-6097F0B2BE98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "11A17B44-C69A-424A-A305-0AD61DCDA2A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126101:*:*:*:*:*:*",
"matchCriteriaId": "8600CCB2-4642-4760-AE10-854446251673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126102:*:*:*:*:*:*",
"matchCriteriaId": "087A0139-FA4B-4C85-BAAD-1BDCF7B5F91B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126103:*:*:*:*:*:*",
"matchCriteriaId": "2F3B1A89-93A9-43F1-9246-E2081F26DBBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "9A7C64F7-9B85-4C7F-95B9-468200D2EA7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126114:*:*:*:*:*:*",
"matchCriteriaId": "1EE78F81-5F9D-4B98-BA82-24EE281041C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126115:*:*:*:*:*:*",
"matchCriteriaId": "298A1371-E23E-4954-8C16-B0F70A575A77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126116:*:*:*:*:*:*",
"matchCriteriaId": "BA174B71-5D43-4783-8744-1A4020A157C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "ADB451D9-106E-40DA-A499-B1D8DB1B78BC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user\u0027s API key, and then access external APIs."
},
{
"lang": "es",
"value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer y OpUtils versiones anteriores a 27-07-2022 hasta 28-07-2022 (125657, 126002, 126104 y 126118) permiten a atacantes no autenticados obtener la clave API de un usuario y luego acceder a APIs externas"
}
],
"id": "CVE-2022-36923",
"lastModified": "2024-11-21T07:14:05.603",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-10T20:16:03.343",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.manageengine.com/itom/advisory/cve-2022-36923.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.manageengine.com/itom/advisory/cve-2022-36923.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-29 12:29
Modified
2024-11-21 03:46
Severity ?
Summary
A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows remote attackers to inject arbitrary web script or HTML via the parameter 'operation' to /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:firewall_analyzer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFC3545-5EE0-4722-BFB6-58B3AF246F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0940949F-4EB4-460B-8CE9-56B6387250F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA1C4C73-FD72-4EE7-BE63-D83C373E6A3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91373406-389A-404C-81A1-BA994B0C06DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AE5990D-D4B9-4D55-B221-20A9BF765C0A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows remote attackers to inject arbitrary web script or HTML via the parameter \u0027operation\u0027 to /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet."
},
{
"lang": "es",
"value": "Una vulnerabilidad Cross-Site Scripting (XSS) reflejado en Zoho ManageEngine Netflow Analyzer antes de la build 123137, Network Configuration Manager antes de la build 123128, OpManager antes de la build 123148, OpUtils antes de la build 123161, y Firewall Analyzer antes de la build 123147 permite a los atacantes remotos inyectar scripts web o HTML arbitrarios a trav\u00e9s del par\u00e1metro \"operation\" en /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet."
}
],
"id": "CVE-2018-12998",
"lastModified": "2024-11-21T03:46:13.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-29T12:29:00.500",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2018/Jul/75"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201807-036"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/unh3x/just4cve/issues/10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2018/Jul/75"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201807-036"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/unh3x/just4cve/issues/10"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-17 15:29
Modified
2024-11-21 04:50
Severity ?
Summary
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in /netflow/jspui/userManagementForm.jsp via these GET parameters: authMeth, passWord, pwd1, and userName.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://seclists.org/fulldisclosure/2019/Feb/45 | Exploit, Mailing List, Third Party Advisory | |
| cve@mitre.org | https://www.exploit-db.com/exploits/46425/ | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.manageengine.com/products/netflow/?doc | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Feb/45 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/46425/ | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.manageengine.com/products/netflow/?doc | Product |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zohocorp | manageengine_netflow_analyzer | 7.0.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:7.0.0.2:*:*:*:professional:*:*:*",
"matchCriteriaId": "E8A06D7A-579E-40E2-9E31-8127E90869FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in /netflow/jspui/userManagementForm.jsp via these GET parameters: authMeth, passWord, pwd1, and userName."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS existe en /netflow/jspui/userManagementForm.jsp a trav\u00e9s de estos par\u00e1metros GET: authMeth, passWord, pwd1 y userName."
}
],
"id": "CVE-2019-8928",
"lastModified": "2024-11-21T04:50:40.737",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-17T15:29:00.380",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/46425/"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/46425/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-18 13:15
Modified
2024-11-21 07:11
Severity ?
Summary
ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://manageengine.com | Vendor Advisory | |
| cve@mitre.org | https://www.manageengine.com/itom/advisory/cve-2022-35404.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://manageengine.com | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.manageengine.com/itom/advisory/cve-2022-35404.html | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0026FC79-6554-4B68-89EB-D7A8422C7406",
"versionEndExcluding": "12.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:-:*:*:*:*:*:*",
"matchCriteriaId": "6C0EB89D-E090-49D6-B851-B369B6B94EDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125000:*:*:*:*:*:*",
"matchCriteriaId": "94F878CC-E691-41E9-A90D-72EA25038963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125002:*:*:*:*:*:*",
"matchCriteriaId": "6D1EA156-BD95-4AAA-B688-0CD62CCDB60A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125100:*:*:*:*:*:*",
"matchCriteriaId": "8033E51C-D261-4A12-96CD-AE1F13BFD2AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125101:*:*:*:*:*:*",
"matchCriteriaId": "9EE1E1E6-ED1C-443A-A576-AD47D65082B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125102:*:*:*:*:*:*",
"matchCriteriaId": "3E283214-CE6A-4CD6-9E9B-7BF09C37447D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125108:*:*:*:*:*:*",
"matchCriteriaId": "8FF84A5E-C43B-4637-B725-1087D2057EED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125110:*:*:*:*:*:*",
"matchCriteriaId": "25AEF257-E1C1-4DFD-9EC0-9B2AC3920CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125111:*:*:*:*:*:*",
"matchCriteriaId": "46E32091-F91D-4706-A4F9-DC658CF36A6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125112:*:*:*:*:*:*",
"matchCriteriaId": "AC7D1106-6708-4A84-A077-286376C72AB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125113:*:*:*:*:*:*",
"matchCriteriaId": "071B3368-D7C2-4EE1-808F-1F4A3C3A4756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125114:*:*:*:*:*:*",
"matchCriteriaId": "4E9D5882-91D6-4E9D-AD8B-F3861D987826",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125116:*:*:*:*:*:*",
"matchCriteriaId": "17931D40-369C-430F-B5ED-FAF69FAA0E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125117:*:*:*:*:*:*",
"matchCriteriaId": "02B4D022-BC43-4041-BA2B-60A6D42AD150",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125118:*:*:*:*:*:*",
"matchCriteriaId": "15FFD3F7-CB9F-4FB1-9F2C-CFDAE7E46FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125120:*:*:*:*:*:*",
"matchCriteriaId": "5ED17849-BC14-4996-9DF9-7645B1E17374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125121:*:*:*:*:*:*",
"matchCriteriaId": "D91F6CC5-EDBE-420F-8871-03B8D10254B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125123:*:*:*:*:*:*",
"matchCriteriaId": "E82C682C-9F61-45B7-B934-8D6DDBA792AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125124:*:*:*:*:*:*",
"matchCriteriaId": "2FC7728B-9FFC-4A8F-BE24-926B8C2823AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125125:*:*:*:*:*:*",
"matchCriteriaId": "78BE6CCE-706E-436B-A6E6-26E7D044B209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125136:*:*:*:*:*:*",
"matchCriteriaId": "8BD54A67-C531-4642-90D4-C6E402D55AC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125137:*:*:*:*:*:*",
"matchCriteriaId": "9DF164BD-EF39-42E2-807D-F298D68A8D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125139:*:*:*:*:*:*",
"matchCriteriaId": "5D85766D-1BAC-4477-96D6-EA989D392128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125140:*:*:*:*:*:*",
"matchCriteriaId": "CE99520F-C8F3-46EA-9BBA-AAE2AB4AB8CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125143:*:*:*:*:*:*",
"matchCriteriaId": "16D8A8F6-8BC3-438D-BF8B-9E2B46ECBF36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125144:*:*:*:*:*:*",
"matchCriteriaId": "F3D18E27-EE06-4555-A675-1BAC7D3DD8E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125145:*:*:*:*:*:*",
"matchCriteriaId": "0FEFDFF7-5538-4C53-922A-A5E71A0D643E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125156:*:*:*:*:*:*",
"matchCriteriaId": "02463016-7156-470F-8535-EF4C7E150546",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125157:*:*:*:*:*:*",
"matchCriteriaId": "8DEB616C-2DDC-4138-B6FC-8B2680D35485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125158:*:*:*:*:*:*",
"matchCriteriaId": "D51E7B22-9293-4086-B143-2D279597A5CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125159:*:*:*:*:*:*",
"matchCriteriaId": "BB4D8585-6109-45C0-94B4-667D11F0509F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125161:*:*:*:*:*:*",
"matchCriteriaId": "97CB62BA-09FA-446D-A8CF-958980B67F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125163:*:*:*:*:*:*",
"matchCriteriaId": "F871111C-4B61-4C50-ABDA-78D8D988DCD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125174:*:*:*:*:*:*",
"matchCriteriaId": "9950CFB9-FCDE-4696-97AF-251467270375",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125175:*:*:*:*:*:*",
"matchCriteriaId": "B674CFD8-6AE7-420A-BD7A-DD7A068CA5D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125176:*:*:*:*:*:*",
"matchCriteriaId": "56BCA911-733C-4F8C-B3CD-22F3E6CA1F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125177:*:*:*:*:*:*",
"matchCriteriaId": "A1281E75-AC6D-4077-9207-7CA7E5BCB1CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125178:*:*:*:*:*:*",
"matchCriteriaId": "CC052CBA-2B37-4E84-978D-36185EE1A3A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125180:*:*:*:*:*:*",
"matchCriteriaId": "72CC7428-8DD0-45DB-8D80-C02CD9B6CB65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125181:*:*:*:*:*:*",
"matchCriteriaId": "0C1691B0-FA38-4A29-8D49-D99A675C122A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125192:*:*:*:*:*:*",
"matchCriteriaId": "194ACE61-101D-40C3-9377-12039533AB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125193:*:*:*:*:*:*",
"matchCriteriaId": "86428D44-03BC-4528-ADB5-3AC05231759D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125194:*:*:*:*:*:*",
"matchCriteriaId": "B694D0FC-320A-44F9-9FFB-0706CDD3004C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125195:*:*:*:*:*:*",
"matchCriteriaId": "BE298317-10EE-4A34-B4D0-8D03B727A75B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125196:*:*:*:*:*:*",
"matchCriteriaId": "B0A1B243-163D-461B-BEAB-81E6E2DB36EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125197:*:*:*:*:*:*",
"matchCriteriaId": "5E86C3A0-700E-4CB2-AFDC-F203C61D413C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125198:*:*:*:*:*:*",
"matchCriteriaId": "A550184D-13BD-4F2A-9DE5-AC66B496FFC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125201:*:*:*:*:*:*",
"matchCriteriaId": "538BCF38-69B6-4686-B1F1-82B10175CCBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125204:*:*:*:*:*:*",
"matchCriteriaId": "F29A6AE3-B864-4552-9BE9-074CB6935B07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125212:*:*:*:*:*:*",
"matchCriteriaId": "7CD2AB8D-F638-48E0-A5D6-1E969F9998B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125213:*:*:*:*:*:*",
"matchCriteriaId": "76528168-A54D-4398-B558-6DC27ACCBFBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125214:*:*:*:*:*:*",
"matchCriteriaId": "6C1DCA3B-41B8-402B-B5E8-2C3494C36B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125215:*:*:*:*:*:*",
"matchCriteriaId": "531A9E5C-9C45-4982-8ADE-5B41CE5F5B48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125216:*:*:*:*:*:*",
"matchCriteriaId": "FA70F031-A7EF-49F5-A1F6-C3DD33198D86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125228:*:*:*:*:*:*",
"matchCriteriaId": "5DF093BF-830B-4C9A-A4B2-41C7811E4EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125229:*:*:*:*:*:*",
"matchCriteriaId": "AB64E7D3-D835-4F46-BD81-6B59CF7EB9F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125230:*:*:*:*:*:*",
"matchCriteriaId": "A2176672-0E34-4B46-9202-483F1D315836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125231:*:*:*:*:*:*",
"matchCriteriaId": "FBD2726E-4AAA-4E7D-A8E7-89DB875E7E6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125232:*:*:*:*:*:*",
"matchCriteriaId": "94AF723B-F1B7-44A8-B654-7C10881A6AF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125233:*:*:*:*:*:*",
"matchCriteriaId": "0C65E8BE-968F-4AB8-BD3F-A123C66E576A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125312:*:*:*:*:*:*",
"matchCriteriaId": "9A4C70B1-A902-4835-BFFC-692CA91C1317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125323:*:*:*:*:*:*",
"matchCriteriaId": "06FE113C-94B6-419B-8AA0-767EA74D11ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125324:*:*:*:*:*:*",
"matchCriteriaId": "C30413D5-7F5B-47EE-825E-CEEF69DAC5B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125326:*:*:*:*:*:*",
"matchCriteriaId": "57DA6C66-3235-4923-89D0-EF093FF4126F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125328:*:*:*:*:*:*",
"matchCriteriaId": "82307372-C2CF-4E19-9D1D-7D33FCCE8F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125329:*:*:*:*:*:*",
"matchCriteriaId": "A5289D80-1C75-4819-B615-8259B25B1E9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125340:*:*:*:*:*:*",
"matchCriteriaId": "25CC8F8B-9072-41E3-8045-25D12EE22427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125341:*:*:*:*:*:*",
"matchCriteriaId": "6000E214-BF19-469C-A7CA-CC91465B2CDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125342:*:*:*:*:*:*",
"matchCriteriaId": "1AA9EA4B-DD82-46E7-9C44-77AC076F61CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125343:*:*:*:*:*:*",
"matchCriteriaId": "50E697EA-0A78-477D-B726-AC54EE868244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125344:*:*:*:*:*:*",
"matchCriteriaId": "E64AAB62-43C4-4284-B2AA-1DC55B972803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125346:*:*:*:*:*:*",
"matchCriteriaId": "E3A43E19-D06D-4856-AA55-02B8148EAB49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125358:*:*:*:*:*:*",
"matchCriteriaId": "310C491E-92CE-4EE8-9CDE-70640DE9CAB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125359:*:*:*:*:*:*",
"matchCriteriaId": "A82217B5-0A11-4BE6-ACEF-991B2DFE53D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125360:*:*:*:*:*:*",
"matchCriteriaId": "7C69DA1F-F0A3-4E9F-96E2-F7A4E9B876C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125361:*:*:*:*:*:*",
"matchCriteriaId": "033944E6-8A01-4566-81C4-2B76F10C2839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125362:*:*:*:*:*:*",
"matchCriteriaId": "3D969C61-1F9A-4B97-B6DA-04F84E3E2936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125364:*:*:*:*:*:*",
"matchCriteriaId": "9984754B-1FA5-4CDF-AFC3-BD97C6C6B177",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125366:*:*:*:*:*:*",
"matchCriteriaId": "718427DB-57A7-4AB0-AA4C-7716E5A5F084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125367:*:*:*:*:*:*",
"matchCriteriaId": "CD43B869-6A7F-461D-A870-448C91FB7A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125375:*:*:*:*:*:*",
"matchCriteriaId": "98DD8376-4B21-4024-878D-DB74D1FF7A2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125376:*:*:*:*:*:*",
"matchCriteriaId": "5E8B8FBA-39ED-4E7A-AA1C-A6C15E8C92B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125377:*:*:*:*:*:*",
"matchCriteriaId": "4742B198-8630-4A45-AE87-6731BF56081A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125378:*:*:*:*:*:*",
"matchCriteriaId": "3782ABA4-5247-4349-8CD8-BCE85B98D44E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125379:*:*:*:*:*:*",
"matchCriteriaId": "C39E5DB9-1B75-4204-9B24-70F6294F1F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125380:*:*:*:*:*:*",
"matchCriteriaId": "F9459981-3E65-489C-9A70-B582EC9C8BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125381:*:*:*:*:*:*",
"matchCriteriaId": "BF90B539-9180-4A96-9E2F-F35DCA6DD720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125382:*:*:*:*:*:*",
"matchCriteriaId": "2A6D1150-602E-4006-9F6B-10C6649AC05B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125386:*:*:*:*:*:*",
"matchCriteriaId": "FB168E3D-63AB-45D7-AAC1-2D01CD6956F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125392:*:*:*:*:*:*",
"matchCriteriaId": "B8DCEAE6-AAE6-40B0-83B2-A579A6BF9854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125393:*:*:*:*:*:*",
"matchCriteriaId": "FCFEA624-968F-4A0F-969D-2190B1269EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125394:*:*:*:*:*:*",
"matchCriteriaId": "64F9D21C-AC05-4629-864F-85AFA3789739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125397:*:*:*:*:*:*",
"matchCriteriaId": "07E47F97-63EC-4BF1-AE54-3B510B66202D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125398:*:*:*:*:*:*",
"matchCriteriaId": "160765FF-9A56-4072-9580-C6DCB573B061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125399:*:*:*:*:*:*",
"matchCriteriaId": "F1EE56C3-5F42-4D2C-AEC0-035078DAE445",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125405:*:*:*:*:*:*",
"matchCriteriaId": "16593100-F288-4013-BF48-48CA482FC62D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125410:*:*:*:*:*:*",
"matchCriteriaId": "5BCA02F3-EF72-4F28-9ABB-D75EB6CE3338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125411:*:*:*:*:*:*",
"matchCriteriaId": "D8052948-7F5B-4E63-B1B7-B244D6A0AC39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125413:*:*:*:*:*:*",
"matchCriteriaId": "B6359934-CA70-4A8A-99E5-806555900EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125414:*:*:*:*:*:*",
"matchCriteriaId": "83BAAE61-540D-4E36-8B63-2438EC3B1479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125415:*:*:*:*:*:*",
"matchCriteriaId": "008A2BF2-E18B-492F-9DFF-19618F998664",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125416:*:*:*:*:*:*",
"matchCriteriaId": "5023E77A-908C-41AE-ADC7-580F44ADC376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125417:*:*:*:*:*:*",
"matchCriteriaId": "797D16E7-484D-4793-9040-74B815DC52B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125420:*:*:*:*:*:*",
"matchCriteriaId": "7D923373-B575-44C8-9B4D-DB824EC59B68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125428:*:*:*:*:*:*",
"matchCriteriaId": "B88917EC-3ABB-475E-B374-272CE5272D56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125430:*:*:*:*:*:*",
"matchCriteriaId": "BD457A1B-023A-42CF-ADED-648A061AAAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125431:*:*:*:*:*:*",
"matchCriteriaId": "9B9E22A4-676A-4D75-850F-15E5EC9A2911",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125432:*:*:*:*:*:*",
"matchCriteriaId": "4E6BA9C0-59DB-49E5-826E-1CA885FA28CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125433:*:*:*:*:*:*",
"matchCriteriaId": "95715B71-FA63-40A2-9EA6-56250318FC73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125434:*:*:*:*:*:*",
"matchCriteriaId": "2591F23D-DB1F-44B0-B67A-13483408DE4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125437:*:*:*:*:*:*",
"matchCriteriaId": "E4F035FB-54A9-47C0-8896-174A742E23B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125446:*:*:*:*:*:*",
"matchCriteriaId": "34B52052-FBFC-4803-B999-448A9385B613",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125448:*:*:*:*:*:*",
"matchCriteriaId": "A1F97594-BF89-4B5D-B1CE-706708891450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "A436DAC3-05F7-48DE-A2E2-0084AE31D9A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125451:*:*:*:*:*:*",
"matchCriteriaId": "544961BA-03CA-49D6-AB7C-CFF597B3BB8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125452:*:*:*:*:*:*",
"matchCriteriaId": "9CDBD0CB-8495-44A1-BF9B-29A195D9F718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125453:*:*:*:*:*:*",
"matchCriteriaId": "73B5365C-92ED-41CC-9B05-8BB1FE21F3C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125455:*:*:*:*:*:*",
"matchCriteriaId": "B652092E-570C-4D4E-A133-627426C50F6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125456:*:*:*:*:*:*",
"matchCriteriaId": "DC13FB20-119C-47F9-870D-399811661896",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125457:*:*:*:*:*:*",
"matchCriteriaId": "BC457292-04FE-4643-8F1D-05DAEF3F70BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125466:*:*:*:*:*:*",
"matchCriteriaId": "29CBDA2B-5A6A-4DB0-AC37-EAD8E05B55BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125467:*:*:*:*:*:*",
"matchCriteriaId": "CD266A0D-E726-4BC7-B3B9-6E3176415188",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125468:*:*:*:*:*:*",
"matchCriteriaId": "046B7B6F-85DE-4BDB-8860-ECA208C4D697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125469:*:*:*:*:*:*",
"matchCriteriaId": "C60E51D9-A842-49FF-8793-84C074DBE5EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125470:*:*:*:*:*:*",
"matchCriteriaId": "753B2FC9-342B-4456-85D9-27734BE7C6FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125476:*:*:*:*:*:*",
"matchCriteriaId": "BE930B14-4B22-4299-8DE8-7625342FC4E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125482:*:*:*:*:*:*",
"matchCriteriaId": "45B93007-AD6A-4978-9752-41DF72D34A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125483:*:*:*:*:*:*",
"matchCriteriaId": "863CBACB-F9A3-44AC-B795-C2C0EB5C9E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125485:*:*:*:*:*:*",
"matchCriteriaId": "AB28B644-BFD0-4588-B544-A139B26DDDE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125486:*:*:*:*:*:*",
"matchCriteriaId": "944F7C2F-53D4-4933-BD63-DF15C5A5CD65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125487:*:*:*:*:*:*",
"matchCriteriaId": "F6D0F0D1-7DF5-4C8D-9B31-B347E5A567DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125488:*:*:*:*:*:*",
"matchCriteriaId": "870A721F-2991-4041-AB1D-DE3D953B8669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125489:*:*:*:*:*:*",
"matchCriteriaId": "4F7FC0E5-8D0D-45CF-AEFA-180B79BC8B0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125567:*:*:*:*:*:*",
"matchCriteriaId": "7D394493-D690-44F0-B3F0-FD39E46F31C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125568:*:*:*:*:*:*",
"matchCriteriaId": "AF8CBF57-EF1A-4C84-879B-1A4035F4236A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125587:*:*:*:*:*:*",
"matchCriteriaId": "2F1E924E-8896-41CE-82E2-F22943A02FCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125588:*:*:*:*:*:*",
"matchCriteriaId": "FB058840-E3D0-45FA-B95F-3445A7719118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125589:*:*:*:*:*:*",
"matchCriteriaId": "FD9B23C4-3458-4E6C-B1AB-D4A36BE8FFA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125597:*:*:*:*:*:*",
"matchCriteriaId": "D2A7AA89-7233-4624-894A-B2B996D1D270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125598:*:*:*:*:*:*",
"matchCriteriaId": "B6B402ED-8B64-4FB0-B9E7-76E499A4115F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125599:*:*:*:*:*:*",
"matchCriteriaId": "4E8B01F2-0A03-48CF-8BAE-556A9C3D88FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125601:*:*:*:*:*:*",
"matchCriteriaId": "3C07E022-B75C-4491-8A30-9A1532D0472C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125603:*:*:*:*:*:*",
"matchCriteriaId": "00E92DB5-8D53-4129-92D0-AD1DA0F1FEB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125604:*:*:*:*:*:*",
"matchCriteriaId": "913CD99C-8F47-47BD-BD7C-33762861BB08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125605:*:*:*:*:*:*",
"matchCriteriaId": "67B7F52E-7D7A-4AA9-9241-FFCC3DD49BBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125611:*:*:*:*:*:*",
"matchCriteriaId": "D02650C3-1A7F-4889-B6CB-11994054B5F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125612:*:*:*:*:*:*",
"matchCriteriaId": "01FEA1CA-351B-4E2B-A78E-60338682F97F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125613:*:*:*:*:*:*",
"matchCriteriaId": "04C9E097-FE04-42BD-96C8-2A3A9FD50B25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125614:*:*:*:*:*:*",
"matchCriteriaId": "94F895DB-C865-4AED-A1D9-CE69C0EF52FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125615:*:*:*:*:*:*",
"matchCriteriaId": "8B565B12-283F-4323-9C88-FD3CF5646DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125616:*:*:*:*:*:*",
"matchCriteriaId": "9FDC3394-293E-44CF-A83F-FE047A4E4DE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125617:*:*:*:*:*:*",
"matchCriteriaId": "01846F8F-D7D6-4CD9-B83E-41B70C691761",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125628:*:*:*:*:*:*",
"matchCriteriaId": "CAE013FC-357D-42DA-B223-D40B3C813089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125629:*:*:*:*:*:*",
"matchCriteriaId": "E4BA87E9-5E37-41EE-835C-13F68ABC9C06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125630:*:*:*:*:*:*",
"matchCriteriaId": "D2034E17-2DB9-4229-B7D4-D14761CEE699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125631:*:*:*:*:*:*",
"matchCriteriaId": "39FBAFB9-5703-4EEA-BFF3-45B958E0805F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125632:*:*:*:*:*:*",
"matchCriteriaId": "775D060A-773F-40BE-8FF3-6353EEA6A6BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125634:*:*:*:*:*:*",
"matchCriteriaId": "D8326A48-9DDB-4502-B97F-ABCB151E2C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125635:*:*:*:*:*:*",
"matchCriteriaId": "94ACC068-8260-4331-8B1C-E19B66D0738B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125638:*:*:*:*:*:*",
"matchCriteriaId": "FE3C3B0A-BD28-4291-BD28-61A1EEB7AE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125645:*:*:*:*:*:*",
"matchCriteriaId": "E1303424-7BCA-4445-BDBC-B4B546E0ED05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125648:*:*:*:*:*:*",
"matchCriteriaId": "EFFB585B-80EB-4EA3-BEC6-4E34FE952948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125649:*:*:*:*:*:*",
"matchCriteriaId": "8D7B62B9-AAD9-4021-A806-21E61719E437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125651:*:*:*:*:*:*",
"matchCriteriaId": "F1BF50D1-031E-4E39-9D15-FFC2CFB636D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125652:*:*:*:*:*:*",
"matchCriteriaId": "F045D3C8-315C-42AB-B9D0-4B5267E70417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125653:*:*:*:*:*:*",
"matchCriteriaId": "AC4FD2D6-9BA7-4889-96A2-DC946831469F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125654:*:*:*:*:*:*",
"matchCriteriaId": "3D86914B-49B5-4002-A4C7-3712C87F7626",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125656:*:*:*:*:*:*",
"matchCriteriaId": "2C5ED401-A964-44D5-AB2F-C07D35BD96D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125657:*:*:*:*:*:*",
"matchCriteriaId": "E424B820-3C4E-45C0-B74F-470E1E331127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "1C14D389-AA7A-4CD3-A0B5-EF052907FEE6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB0C7A9-5511-4AC9-B5E4-74AAE6973E34",
"versionEndExcluding": "12.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:-:*:*:*:*:*:*",
"matchCriteriaId": "D6268D81-10E3-4BD0-A593-3639B2745577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125000:*:*:*:*:*:*",
"matchCriteriaId": "BDA5DDA4-A67C-4370-B41D-02755FCF1F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125108:*:*:*:*:*:*",
"matchCriteriaId": "3D99CD97-1D6B-4C67-A909-E1CE28A78E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125112:*:*:*:*:*:*",
"matchCriteriaId": "70FEC14F-A53C-437C-981A-214B867142E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125115:*:*:*:*:*:*",
"matchCriteriaId": "895E57EA-A8F6-425B-9D08-654E03B92B30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125116:*:*:*:*:*:*",
"matchCriteriaId": "9EE0C771-B2F6-4766-82FD-203967CE37D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125120:*:*:*:*:*:*",
"matchCriteriaId": "0DCD6102-19F7-42D2-A81B-C85824CA351D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125121:*:*:*:*:*:*",
"matchCriteriaId": "3C2C0A08-66BF-4FDC-A209-769234438844",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125125:*:*:*:*:*:*",
"matchCriteriaId": "8DDC3649-12A9-41F3-A27D-646B5DF05E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125129:*:*:*:*:*:*",
"matchCriteriaId": "4F037A2A-4B9A-4EBC-94E2-87502960FF20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125136:*:*:*:*:*:*",
"matchCriteriaId": "B15E99A3-989F-4EFD-BA26-DEC6992BD1CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125142:*:*:*:*:*:*",
"matchCriteriaId": "B85BF117-503B-435F-8667-481D9AC7A788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125149:*:*:*:*:*:*",
"matchCriteriaId": "3AC2A038-F59B-4137-B02F-4C26E2EB9152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125180:*:*:*:*:*:*",
"matchCriteriaId": "F605C78F-8BE4-4E02-A7FB-CA9D24AFE7E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125195:*:*:*:*:*:*",
"matchCriteriaId": "15557A07-E0E9-40DB-B013-0F4AD9556BD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125199:*:*:*:*:*:*",
"matchCriteriaId": "79082C84-9F25-4A63-86AF-18CC4ADF71CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125212:*:*:*:*:*:*",
"matchCriteriaId": "A88678CE-DB64-4D66-8F2A-3C60058DC5CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125213:*:*:*:*:*:*",
"matchCriteriaId": "88009BAC-1ECF-4BA3-855F-96C8789E476E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125216:*:*:*:*:*:*",
"matchCriteriaId": "E64F7B54-6B09-4B7E-B2AB-5EA73FD8E0AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125228:*:*:*:*:*:*",
"matchCriteriaId": "2B94DFD2-374C-47A9-9D54-3FDB63197FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125232:*:*:*:*:*:*",
"matchCriteriaId": "9B0330D9-1276-4228-BA7E-B9E3B828E5AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125233:*:*:*:*:*:*",
"matchCriteriaId": "89736956-D05D-437B-BC7A-850AA459C123",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125234:*:*:*:*:*:*",
"matchCriteriaId": "63B26424-7292-4F37-B86F-2A4E0AD32B85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125323:*:*:*:*:*:*",
"matchCriteriaId": "2D2629FB-0A83-43CC-8C83-444036D05F7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125325:*:*:*:*:*:*",
"matchCriteriaId": "4CFD99D1-CB43-437B-8E7D-6712DA5C9835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125327:*:*:*:*:*:*",
"matchCriteriaId": "6FEBA58F-E5B4-4B91-B78F-620C6EB9D3BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125329:*:*:*:*:*:*",
"matchCriteriaId": "F9F9D406-FE99-45C0-B1C0-4DEB5E843FE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125343:*:*:*:*:*:*",
"matchCriteriaId": "F4B86974-C598-4E1A-9FF0-5AF9638C1AD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125345:*:*:*:*:*:*",
"matchCriteriaId": "C2838623-6F3F-417A-A644-FA226CCD8BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125358:*:*:*:*:*:*",
"matchCriteriaId": "454EDD2A-E79A-4D46-B841-BE5EC12C63D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125362:*:*:*:*:*:*",
"matchCriteriaId": "1557A740-D19D-4220-9B3E-395EFCB86F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125363:*:*:*:*:*:*",
"matchCriteriaId": "9C7DB404-A5C7-4EDB-BCB2-079A41E31428",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125378:*:*:*:*:*:*",
"matchCriteriaId": "B738952C-DE7B-4C3D-85B9-ADBEDF007AFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125392:*:*:*:*:*:*",
"matchCriteriaId": "897D140C-20FF-454D-8928-B11FFC84C016",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125399:*:*:*:*:*:*",
"matchCriteriaId": "18F93D7C-E8FC-4D4C-AEA0-C1187FB6D9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125417:*:*:*:*:*:*",
"matchCriteriaId": "2E799367-7DC7-478D-948A-17D717507DC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125436:*:*:*:*:*:*",
"matchCriteriaId": "F63F4324-8D54-43A9-8172-1BC6960146B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125445:*:*:*:*:*:*",
"matchCriteriaId": "74A5591E-75A4-4ACA-9C34-4907D645AA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125455:*:*:*:*:*:*",
"matchCriteriaId": "7EE387F3-24C8-4933-A25E-D9C4026469D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125459:*:*:*:*:*:*",
"matchCriteriaId": "0C67D5FC-5965-4AC1-80A5-931BE60B5E86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125465:*:*:*:*:*:*",
"matchCriteriaId": "139E25D9-A4C8-4041-ADF7-4618DFEEE8C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125469:*:*:*:*:*:*",
"matchCriteriaId": "6A65F3F7-45D3-49EB-9784-1F13FA2CBB0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125471:*:*:*:*:*:*",
"matchCriteriaId": "3795D2DE-622F-4C82-B133-0993A01AC1FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125475:*:*:*:*:*:*",
"matchCriteriaId": "C0DB9896-BC25-46E3-AA6F-496A442BE525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125482:*:*:*:*:*:*",
"matchCriteriaId": "CE56A949-74AC-4138-8AD3-31F5763860EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125483:*:*:*:*:*:*",
"matchCriteriaId": "4A3DB867-FD46-46EB-AEF0-2B6E79371AF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125485:*:*:*:*:*:*",
"matchCriteriaId": "7881FBB4-AC09-4EB9-B02F-3EA19237E095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125488:*:*:*:*:*:*",
"matchCriteriaId": "F391E432-98B8-4D97-8AD4-FB1A84FAF774",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125490:*:*:*:*:*:*",
"matchCriteriaId": "61D908B2-446E-48EC-9F6B-91E8BF0F6A38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125565:*:*:*:*:*:*",
"matchCriteriaId": "FD5F28B0-580E-4CD4-917A-496D35AD271A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125568:*:*:*:*:*:*",
"matchCriteriaId": "F0FC96AA-F2F4-4C35-8BF7-6318A2F624A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125583:*:*:*:*:*:*",
"matchCriteriaId": "6EA008F1-4E47-4753-8506-769B29AB5BA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125584:*:*:*:*:*:*",
"matchCriteriaId": "7ED68CDE-1096-4490-8E6B-78F4AC2BB729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125598:*:*:*:*:*:*",
"matchCriteriaId": "34F8D9B7-3BD7-44C0-A292-162928729F36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125612:*:*:*:*:*:*",
"matchCriteriaId": "7446678C-E2DB-4EA2-BC9B-430C8EC7804B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125615:*:*:*:*:*:*",
"matchCriteriaId": "33C57314-5503-48BD-9ED2-D76517C9C0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125617:*:*:*:*:*:*",
"matchCriteriaId": "AC201C68-2C1D-4E75-9443-C5F853A37AB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125646:*:*:*:*:*:*",
"matchCriteriaId": "FBC08E48-51FA-497F-B5EB-349081888402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125650:*:*:*:*:*:*",
"matchCriteriaId": "FD78483C-8AC8-46B3-A1FB-2DA04468BCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125656:*:*:*:*:*:*",
"matchCriteriaId": "D1DBA938-81D2-4CF8-B1F2-B71C4B82835D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "88C4DF20-F8A7-4673-9639-42522C6BB3C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "340D8561-6110-49D8-BCDC-78A762FCD3E6",
"versionEndExcluding": "12.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:-:*:*:*:*:*:*",
"matchCriteriaId": "6280B6AB-C233-480A-95E6-E03D58AA7B5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125000:*:*:*:*:*:*",
"matchCriteriaId": "C61E9B3D-A39D-428E-A82F-5C4C225906C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125108:*:*:*:*:*:*",
"matchCriteriaId": "423D3372-F910-4006-9FE8-49A6B730AEBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125109:*:*:*:*:*:*",
"matchCriteriaId": "02B0ED3C-4729-4C70-8F06-6B507ED75BEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125115:*:*:*:*:*:*",
"matchCriteriaId": "3CE0B4B2-CC4C-4F0F-B97E-A90C84377989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125120:*:*:*:*:*:*",
"matchCriteriaId": "DC2E4C62-9867-4D14-85B3-95F359BD0551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125125:*:*:*:*:*:*",
"matchCriteriaId": "356A4F91-FA5B-4A09-841E-A380F580BA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125129:*:*:*:*:*:*",
"matchCriteriaId": "CBBDC611-498B-4175-9A88-5914ED6D3A9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125141:*:*:*:*:*:*",
"matchCriteriaId": "10F3C9AD-9C1B-4FBD-8325-B56FCF96FFE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125149:*:*:*:*:*:*",
"matchCriteriaId": "F4EE5C24-C4AE-4F9D-B808-8930102A1389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125160:*:*:*:*:*:*",
"matchCriteriaId": "E0F45A48-5006-4748-B683-6C7CB469286A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125179:*:*:*:*:*:*",
"matchCriteriaId": "9796C62A-8FCA-4E1E-855E-7D67F77C9AD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125180:*:*:*:*:*:*",
"matchCriteriaId": "1A1AC2FD-91BA-4B78-BB14-B9F2CEB09071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125200:*:*:*:*:*:*",
"matchCriteriaId": "A4B99FDC-EC68-4006-B359-E845AEF72FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125212:*:*:*:*:*:*",
"matchCriteriaId": "240A8575-F963-4DB4-B9C6-BE584A2F8271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125213:*:*:*:*:*:*",
"matchCriteriaId": "B97F1BEE-F3C0-4DDD-B767-23C4BE9054AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125217:*:*:*:*:*:*",
"matchCriteriaId": "3B3482FA-9483-4EC7-9B09-E1BB63F02790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125232:*:*:*:*:*:*",
"matchCriteriaId": "2600FBC5-8358-4126-88F2-00F3BEE9B537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125323:*:*:*:*:*:*",
"matchCriteriaId": "FDD47CB0-3680-4ED9-821C-B673EACB953D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125329:*:*:*:*:*:*",
"matchCriteriaId": "D27B76C3-B8C8-48A6-AEF3-E9145B57EDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125357:*:*:*:*:*:*",
"matchCriteriaId": "6D77C576-035E-403B-A2B3-992496FAD202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125362:*:*:*:*:*:*",
"matchCriteriaId": "70608921-F02A-4121-BE90-919DD68DD0D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125376:*:*:*:*:*:*",
"matchCriteriaId": "93C50660-6ECF-4353-A15A-4F7B0F06D33A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125381:*:*:*:*:*:*",
"matchCriteriaId": "06D8864A-E6CC-4742-A2CF-B060E8DFA740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125393:*:*:*:*:*:*",
"matchCriteriaId": "D2572B3B-3BC4-4A83-92D5-8D7579821F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125399:*:*:*:*:*:*",
"matchCriteriaId": "0DD78F90-5231-4848-8971-9AB5ABBD2C33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125412:*:*:*:*:*:*",
"matchCriteriaId": "7C94C142-168F-421C-B00B-3F42AA1CC9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125429:*:*:*:*:*:*",
"matchCriteriaId": "77CE4835-6540-4CF6-A31C-255DA52BB073",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125447:*:*:*:*:*:*",
"matchCriteriaId": "E0544AE8-92B3-43A7-8F42-299AED1A40CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125459:*:*:*:*:*:*",
"matchCriteriaId": "A05AFF4D-4EF9-4939-81CC-0AB55DA596F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125464:*:*:*:*:*:*",
"matchCriteriaId": "86C3E31F-87E2-459F-8D1B-C6D1A237960D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125467:*:*:*:*:*:*",
"matchCriteriaId": "A3E7FC26-0000-4D4B-B489-DF0E2CD2B13C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125471:*:*:*:*:*:*",
"matchCriteriaId": "0DE52003-E959-420F-89A1-C86D8FB12DBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125476:*:*:*:*:*:*",
"matchCriteriaId": "6E9C9051-7FDE-4DEE-85DC-0798524DC17A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125482:*:*:*:*:*:*",
"matchCriteriaId": "5BE3598F-CEB4-4553-BB50-AA778BBF8BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125483:*:*:*:*:*:*",
"matchCriteriaId": "4C71852D-D529-469A-9111-6D4DB8381BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125484:*:*:*:*:*:*",
"matchCriteriaId": "EC3F7DA9-3FBF-4D67-8BA5-2643E706F64F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125485:*:*:*:*:*:*",
"matchCriteriaId": "53E2DF01-9A39-4E50-BEDE-D49988CE5CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125488:*:*:*:*:*:*",
"matchCriteriaId": "0015664D-11BC-4DEE-BC5B-DB3D1FE8DF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125490:*:*:*:*:*:*",
"matchCriteriaId": "8B49F887-4574-4B3C-A8A7-57F75B27447F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125557:*:*:*:*:*:*",
"matchCriteriaId": "C1E93E4D-0E54-41DF-843A-E8AE94EAD0BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125566:*:*:*:*:*:*",
"matchCriteriaId": "1617ADAD-2E13-4910-B600-3EC7E59B087C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125582:*:*:*:*:*:*",
"matchCriteriaId": "5F982932-5513-411A-9CBF-3082C7ECEF0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125585:*:*:*:*:*:*",
"matchCriteriaId": "8232CBA1-55DA-4F3C-A9E5-A204A25231C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125615:*:*:*:*:*:*",
"matchCriteriaId": "A30281F3-4DE2-4ED3-91A7-AE7A091C31E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125647:*:*:*:*:*:*",
"matchCriteriaId": "F76B196B-B5F8-4E84-9BBE-9D45A2FB2A26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125656:*:*:*:*:*:*",
"matchCriteriaId": "F267C53D-6F27-4DFF-BB3C-7B299E07F487",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "574117B3-2785-4971-ABBE-55C08010E16B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9FF3515-61C7-4A7A-9781-6D4A0340B2EC",
"versionEndExcluding": "12.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:-:*:*:*:*:*:*",
"matchCriteriaId": "52CC9C40-3F01-424F-84FB-C9CC20427D13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125000:*:*:*:*:*:*",
"matchCriteriaId": "77AA96FD-5AF0-4F80-8402-BAB460FF8B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125003:*:*:*:*:*:*",
"matchCriteriaId": "3095B4D1-170A-48B0-8C4A-7A7A54E42149",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125108:*:*:*:*:*:*",
"matchCriteriaId": "8CE4267C-DAAE-4CEC-A6E3-D2213AA5EE57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125109:*:*:*:*:*:*",
"matchCriteriaId": "92EB7DC6-F227-40B3-A093-4D9495BBE272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125115:*:*:*:*:*:*",
"matchCriteriaId": "40C478D3-7C1C-4FCE-99FA-976EE2754680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125120:*:*:*:*:*:*",
"matchCriteriaId": "DE6C88E4-D382-4729-AF5D-5697DCE26A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125122:*:*:*:*:*:*",
"matchCriteriaId": "6447F4D8-0943-4C8C-BBA7-42BECC181D80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125125:*:*:*:*:*:*",
"matchCriteriaId": "422B8CB6-3A14-4452-9192-F4CD5BF5D030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125141:*:*:*:*:*:*",
"matchCriteriaId": "41AB6C1A-CBEC-4DC1-94A4-9D14E82BA542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125142:*:*:*:*:*:*",
"matchCriteriaId": "6A2C060F-770B-4245-8490-5D2EB970FCA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125149:*:*:*:*:*:*",
"matchCriteriaId": "16E635CC-1591-4535-89EA-B8470BD885F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125150:*:*:*:*:*:*",
"matchCriteriaId": "D5F9E623-A42D-446D-ADDD-5F3C8F7BD9B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125160:*:*:*:*:*:*",
"matchCriteriaId": "1E235AF0-4453-4439-A25D-FF78A89BB117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125179:*:*:*:*:*:*",
"matchCriteriaId": "620E40E9-9D83-4E14-8898-10C0718B1A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125180:*:*:*:*:*:*",
"matchCriteriaId": "1D72F651-BD8C-4564-AC1A-84A91F21EADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125194:*:*:*:*:*:*",
"matchCriteriaId": "19DD9FF2-583B-4079-9375-E1643FF9A54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125200:*:*:*:*:*:*",
"matchCriteriaId": "69EDC39C-68EE-488D-B740-9E45229BDF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125212:*:*:*:*:*:*",
"matchCriteriaId": "EC374820-208A-40EF-965C-50C19467BD82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125213:*:*:*:*:*:*",
"matchCriteriaId": "397B1FAC-EB6E-4F17-B5D7-CBD47D581DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125217:*:*:*:*:*:*",
"matchCriteriaId": "E771BCA5-9E65-4C8B-BF36-E90F641D2015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125221:*:*:*:*:*:*",
"matchCriteriaId": "A658460A-FAE0-4487-8CD6-FB3384664F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125232:*:*:*:*:*:*",
"matchCriteriaId": "6F104D17-7D08-42A5-BAF3-DEA475308FC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125323:*:*:*:*:*:*",
"matchCriteriaId": "9F875BFA-18C2-42BF-8BC4-D02E15B395E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125329:*:*:*:*:*:*",
"matchCriteriaId": "3BBD9D22-7E92-4648-972E-E17D9472E08D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125357:*:*:*:*:*:*",
"matchCriteriaId": "7219F9A0-CD1D-4BB4-A5E1-FA0495B49114",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125361:*:*:*:*:*:*",
"matchCriteriaId": "0CBB0F67-9C81-44BC-9836-DE5FE40DDBBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125362:*:*:*:*:*:*",
"matchCriteriaId": "6D7C0250-52DA-423D-B061-0CDF39D15068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125376:*:*:*:*:*:*",
"matchCriteriaId": "6FC34D3F-FED3-4266-AB29-98FFC2002507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125381:*:*:*:*:*:*",
"matchCriteriaId": "DD1460AC-A719-4B75-B28B-748B6C262A87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125399:*:*:*:*:*:*",
"matchCriteriaId": "B9024FE1-536C-4180-8115-6D97E7C324D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125410:*:*:*:*:*:*",
"matchCriteriaId": "8CD6EB21-3DC6-47A7-939A-AA3C8EFE278F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125429:*:*:*:*:*:*",
"matchCriteriaId": "3A5911F7-7A45-499D-B345-D9C082932BBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125447:*:*:*:*:*:*",
"matchCriteriaId": "CBBD7A90-4F97-4DFD-B8E6-F24A9B72A1C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125459:*:*:*:*:*:*",
"matchCriteriaId": "87C6DCE0-5F40-4F50-8538-29CFF2DCC9EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125464:*:*:*:*:*:*",
"matchCriteriaId": "BECA9FA7-887B-4ECC-AA23-F75F96E42CB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125467:*:*:*:*:*:*",
"matchCriteriaId": "CFD6D448-337E-4A63-8BE2-4DFC50AE7413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125475:*:*:*:*:*:*",
"matchCriteriaId": "33F2625D-0750-4ED1-8BA7-8141D8B7FB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125482:*:*:*:*:*:*",
"matchCriteriaId": "A7D6DD58-62F3-4727-9AC1-E6B5EA71BB89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125483:*:*:*:*:*:*",
"matchCriteriaId": "33991587-174F-48D9-821D-BF44CF24924D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125484:*:*:*:*:*:*",
"matchCriteriaId": "18B8D15F-0286-4D64-96F8-D213E241813E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125485:*:*:*:*:*:*",
"matchCriteriaId": "EB8483C1-6586-4936-8BF8-ECE3F0F4D5F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125488:*:*:*:*:*:*",
"matchCriteriaId": "A9318551-C41F-46E9-A196-5C01EAE276F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125490:*:*:*:*:*:*",
"matchCriteriaId": "5030E129-0401-457B-B4FB-974AD5A0A948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125557:*:*:*:*:*:*",
"matchCriteriaId": "74DAFF5A-7090-427F-A69E-2E90456485C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125568:*:*:*:*:*:*",
"matchCriteriaId": "8EB26A23-108E-4F39-84E3-2F1C197C8CE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125582:*:*:*:*:*:*",
"matchCriteriaId": "DF57D557-B1B9-4B2E-81A5-B23C1A8521E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125605:*:*:*:*:*:*",
"matchCriteriaId": "E37E20B2-B678-45C1-9EF9-7D65172B485F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125615:*:*:*:*:*:*",
"matchCriteriaId": "17CC4F0C-E69E-4FA5-8119-D71AD9C13E63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125621:*:*:*:*:*:*",
"matchCriteriaId": "B8DA03F6-8EF8-48E1-B4CF-A2B0CB6F1DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125647:*:*:*:*:*:*",
"matchCriteriaId": "CA595DC9-C13C-4545-985E-DC1D611147E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125648:*:*:*:*:*:*",
"matchCriteriaId": "48F8E2D7-67A6-42EA-85DD-DD6488D267BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "EF7CDF11-A00E-47B6-B8E3-512998134656",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine."
},
{
"lang": "es",
"value": "ManageEngine Password Manager Pro versiones 12100 y anteriores y OPManager versiones 126100 y anteriores son vulnerables a una creaci\u00f3n no autorizada de archivos y directorios en un equipo servidor"
}
],
"id": "CVE-2022-35404",
"lastModified": "2024-11-21T07:11:06.367",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-18T13:15:10.510",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://manageengine.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.manageengine.com/itom/advisory/cve-2022-35404.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://manageengine.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.manageengine.com/itom/advisory/cve-2022-35404.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-21 16:01
Modified
2024-11-21 04:48
Severity ?
Summary
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/index.jsp" file in the view GET parameter or any of these POST parameters: autorefTime, section, snapshot, viewOpt, viewAll, view, or groupSelName. The latter is related to CVE-2009-3903.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html | Exploit, Patch, Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://seclists.org/fulldisclosure/2019/Feb/29 | Exploit, Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | https://www.manageengine.com/products/netflow/?doc | Product, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html | Exploit, Patch, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Feb/29 | Exploit, Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.manageengine.com/products/netflow/?doc | Product, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zohocorp | manageengine_netflow_analyzer | 7.0.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C610B76C-FD74-4B2E-AF19-B2ABC7B0B275",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone \"/netflow/jspui/index.jsp\" file in the view GET parameter or any of these POST parameters: autorefTime, section, snapshot, viewOpt, viewAll, view, or groupSelName. The latter is related to CVE-2009-3903."
},
{
"lang": "es",
"value": "Existe Cross-Site Scripting (XSS) en Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 en la zona de Administrador en el archivo \"/netflow/jspui/index.jsp\" en el par\u00e1metro GET view o cualquiera de estos par\u00e1metros POST: autorefTime, section, snapshot, viewOpt, viewAll, view o groupSelName. Este \u00faltimo est\u00e1 relacionado con CVE-2009-3903."
}
],
"id": "CVE-2019-7424",
"lastModified": "2024-11-21T04:48:12.227",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-21T16:01:13.280",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
},
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-12-04 17:59
Modified
2024-11-21 02:12
Severity ?
Summary
Multiple absolute path traversal vulnerabilities in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allow remote attackers or remote authenticated users to read arbitrary files via a full pathname in the schFilePath parameter to the (1) CSVServlet or (2) CReportPDFServlet servlet.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zohocorp | manageengine_it360 | 10.3.0 | |
| zohocorp | manageengine_netflow_analyzer | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_it360:10.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9176D056-7350-4371-8F7E-87C2521EEBF2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4266FD0-D60D-42B6-A8D5-BB5D908F108E",
"versionEndIncluding": "10.2",
"versionStartIncluding": "8.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple absolute path traversal vulnerabilities in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allow remote attackers or remote authenticated users to read arbitrary files via a full pathname in the schFilePath parameter to the (1) CSVServlet or (2) CReportPDFServlet servlet."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de recorrido de directorio absoluto en ZOHO ManageEngine Netflow Analyzer 8.6 hasta 10.2 y IT360 10.3 permiten a atacantes remotos o usuarios remotos autenticados leer ficheros arbitrarios a trav\u00e9s de un nombre de ruta completo en el par\u00e1metro schFilePath en el servlet (1) CSVServlet o (2) CReportPDFServlet."
}
],
"id": "CVE-2014-5445",
"lastModified": "2024-11-21T02:12:03.953",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-04T17:59:00.067",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://packetstormsecurity.com/files/129336/ManageEngine-Netflow-Analyzer-IT360-File-Download.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/9"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/534122/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/534141/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/71404"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99045"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/rapid7/metasploit-framework/pull/4282"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_netflow_it360_file_dl.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/cve-2014-5445-cve-2014-5446-fix-for-arbitrary-file-download"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://packetstormsecurity.com/files/129336/ManageEngine-Netflow-Analyzer-IT360-File-Download.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/534122/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/534141/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/71404"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99045"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/rapid7/metasploit-framework/pull/4282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_netflow_it360_file_dl.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/cve-2014-5445-cve-2014-5446-fix-for-arbitrary-file-download"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-10 14:29
Modified
2024-11-21 03:42
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the add credentials functionality in Zoho ManageEngine NetFlow Analyzer v12.3 before 12.3.125 (build 123125) allows remote attackers to inject arbitrary web script or HTML via a crafted description value. This can be exploited through CSRF.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/104251 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.manageengine.com/products/netflow/readme.html#123125 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104251 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.manageengine.com/products/netflow/readme.html#123125 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zohocorp | manageengine_netflow_analyzer | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:*:5610:*:*:*:*:*:*",
"matchCriteriaId": "DBC7FBC8-BFFF-46B2-B1F6-DB2CC72CC105",
"versionEndExcluding": "12.3.125",
"versionStartIncluding": "12.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the add credentials functionality in Zoho ManageEngine NetFlow Analyzer v12.3 before 12.3.125 (build 123125) allows remote attackers to inject arbitrary web script or HTML via a crafted description value. This can be exploited through CSRF."
},
{
"lang": "es",
"value": "Cross-Site Scripting (XSS) en la funcionalidad de adici\u00f3n de credenciales en Zoho ManageEngine NetFlow Analyzer en versiones v12.3 anteriores a la 12.3.125 (build 123125) permite que atacantes remotos inyecten scripts web o HTML arbitrarios mediante un valor de descripci\u00f3n manipulado. Esto puede explotarse mediante Cross-Site Request Forgery (CSRF)."
}
],
"id": "CVE-2018-10803",
"lastModified": "2024-11-21T03:42:03.383",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-10T14:29:00.470",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104251"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/netflow/readme.html#123125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104251"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.manageengine.com/products/netflow/readme.html#123125"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-11-15 21:15
Modified
2025-02-13 18:16
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_analytics_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "725AEAF1-8E3C-4D33-B65D-C8304506A131",
"versionEndExcluding": "5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_appcreator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A753D74-F09F-4C42-A7C2-4D3A280FCACC",
"versionEndExcluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_application_control_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AEDFE0E-9C9A-4DF6-9918-B5BD4DC67624",
"versionEndExcluding": "11.2.2328.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_browser_security_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21C65599-8166-4066-BF0F-5C3CC55F544A",
"versionEndExcluding": "11.2.2328.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_device_control_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6CB1749-097D-4F9F-94DB-F35E72A42034",
"versionEndExcluding": "11.2.2328.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_endpoint_central:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06579974-7085-42B3-9F9F-A733A1CA37D9",
"versionEndExcluding": "11.2.2322.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_endpoint_central_msp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F551AC16-6CBA-4460-A05D-D083967BDF07",
"versionEndExcluding": "11.2.2322.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_endpoint_dlp_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE96B83-9684-4955-81C5-AD5B5BC817DF",
"versionEndExcluding": "11.2.2328.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_mobile_device_manager_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FC58FEB-B8E4-4B1C-AE55-F4577D7BF505",
"versionEndExcluding": "10.1.2204.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_mobile_device_manager_plus:10.1.2207.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B65D12-7DAE-4815-993C-7C5903E990DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_os_deployer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C070B9E-FE09-4CFE-B489-DC9CED210CF1",
"versionEndExcluding": "1.2.2331.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_manager_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B9C6675-2DDB-4FD6-8FA6-B3EE56F87F69",
"versionEndExcluding": "11.2.2328.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_remote_access_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA4B79F8-4D04-4EA4-8754-355DB6CA71B8",
"versionEndExcluding": "11.2.2328.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_remote_monitoring_and_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA39630-6CE1-46E3-AF49-67DB09308C5D",
"versionEndExcluding": "10.2.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_vulnerability_manager_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4D89B41-A239-4329-9BEA-6D52EE8644D8",
"versionEndExcluding": "11.2.2328.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD7707C-0FE5-475D-8FB2-CDB19363421A",
"versionEndExcluding": "6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.3:6300:*:*:*:*:*:*",
"matchCriteriaId": "F0C93DB0-3029-4D49-B180-6EFAEC4B712B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.3:6301:*:*:*:*:*:*",
"matchCriteriaId": "F69BFD56-BA90-426C-9EF1-4BD925657BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.3:6302:*:*:*:*:*:*",
"matchCriteriaId": "1171C259-086C-42CA-BE56-5B410677F72C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.3:6303:*:*:*:*:*:*",
"matchCriteriaId": "827B0C20-903F-48A5-8918-81F39202C21F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7927FC8C-ED61-4E24-AF57-2D5C0E06AB2A",
"versionEndExcluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.2:7200:*:*:*:*:*:*",
"matchCriteriaId": "1AE608DF-E02C-4A63-AD3E-7E3C1B921C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.2:7201:*:*:*:*:*:*",
"matchCriteriaId": "72C14C6D-5C72-4A39-A8FF-93CD89C831C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.2:7202:*:*:*:*:*:*",
"matchCriteriaId": "D47DA377-0AF4-453E-9605-A5F87FA14E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.2:7203:*:*:*:*:*:*",
"matchCriteriaId": "BC919233-CE66-416C-8649-B94A23F131F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E802FD77-E67A-438C-82CE-9FC7536FB14E",
"versionEndExcluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7200:*:*:*:*:*:*",
"matchCriteriaId": "0FAF63F4-AED2-4EA4-BA5B-45961B2E29B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7201:*:*:*:*:*:*",
"matchCriteriaId": "237AA2F5-B9A3-4C40-92AC-61FE47A017BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7202:*:*:*:*:*:*",
"matchCriteriaId": "4C23A64C-65CB-447B-9B5F-4BB22F68FC79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7203:*:*:*:*:*:*",
"matchCriteriaId": "3489D84B-5960-4FA7-A2DD-88AE35C34CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7210:*:*:*:*:*:*",
"matchCriteriaId": "D86AB1CC-0FDE-4CC1-BF64-E0C61EAF652F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7211:*:*:*:*:*:*",
"matchCriteriaId": "076FDAE7-9DB2-4A04-B09E-E53858D208C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7212:*:*:*:*:*:*",
"matchCriteriaId": "07C08B57-FA76-4E24-BC10-B837597BC7E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7213:*:*:*:*:*:*",
"matchCriteriaId": "0D734ACB-33E8-4315-8A79-2B97CE1D0509",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7215:*:*:*:*:*:*",
"matchCriteriaId": "9314CA98-7A69-4D2B-9928-40F55888C9FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7220:*:*:*:*:*:*",
"matchCriteriaId": "BCE7999C-D6AE-4406-A563-A520A171381D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7250:*:*:*:*:*:*",
"matchCriteriaId": "D5716895-4553-4613-B774-0964D3E88AA0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5618AEE3-0F6A-47CC-9783-DF9B5C8AC12F",
"versionEndExcluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4100:*:*:*:*:*:*",
"matchCriteriaId": "BFD452AD-7053-4C13-97DA-326C3DC6E26C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4101:*:*:*:*:*:*",
"matchCriteriaId": "0B87956F-9C45-4A65-BEB2-77A247BD7A39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4102:*:*:*:*:*:*",
"matchCriteriaId": "17BE6347-1605-47DB-8CFE-B587E3AB4223",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4103:*:*:*:*:*:*",
"matchCriteriaId": "C47F9F56-B1DE-426B-B5CF-A1BB5973D6E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4104:*:*:*:*:*:*",
"matchCriteriaId": "E6A7C5C6-0137-4279-A7EA-3439BE477A3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4105:*:*:*:*:*:*",
"matchCriteriaId": "C921F1B2-69B4-448F-AC7C-2F4474507FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4106:*:*:*:*:*:*",
"matchCriteriaId": "91DB9017-1BCF-48DB-97AE-4214150BAE77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4107:*:*:*:*:*:*",
"matchCriteriaId": "D066B999-8554-49F0-92C3-1A4DDEA6E32D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4108:*:*:*:*:*:*",
"matchCriteriaId": "635F80E1-4A73-48DC-A128-D61716D70839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4109:*:*:*:*:*:*",
"matchCriteriaId": "E74FE1C4-471A-4040-96A4-0BE46745199B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4110:*:*:*:*:*:*",
"matchCriteriaId": "C31E2485-2F3A-4BC1-92CC-F7DCB464B5D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4111:*:*:*:*:*:*",
"matchCriteriaId": "99C928C2-4711-4765-BDF2-E7FB448F5771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4112:*:*:*:*:*:*",
"matchCriteriaId": "EDF77387-21C7-45CA-B843-EBA956EE2BB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4113:*:*:*:*:*:*",
"matchCriteriaId": "5C2C0067-538B-4102-8B4E-603BD4CE8F86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4115:*:*:*:*:*:*",
"matchCriteriaId": "DAF47C10-AAE9-40CF-A033-44D54A81E69F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4116:*:*:*:*:*:*",
"matchCriteriaId": "36D0331C-58EA-4B68-88C4-7A193BE5C62E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4117:*:*:*:*:*:*",
"matchCriteriaId": "3CA59781-E48C-487E-B3AF-96560F3152EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4118:*:*:*:*:*:*",
"matchCriteriaId": "E4812B9E-15CA-4700-9115-EAE0A97F0E3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4119:*:*:*:*:*:*",
"matchCriteriaId": "CE513A2B-0371-4D3C-A502-CDA3DB474F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4120:*:*:*:*:*:*",
"matchCriteriaId": "5E498ACE-8332-4824-9AFE-73975D0AC9EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4121:*:*:*:*:*:*",
"matchCriteriaId": "F070B928-CF57-4502-BE26-AD3F13A6ED4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4122:*:*:*:*:*:*",
"matchCriteriaId": "635D24F2-9C60-4E1A-BD5F-E5312FA953A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4130:*:*:*:*:*:*",
"matchCriteriaId": "5E983854-36F8-407F-95C8-E386E0F82366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4131:*:*:*:*:*:*",
"matchCriteriaId": "29BFE206-CAB1-41CA-B5A5-E8CB67BCCA4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4140:*:*:*:*:*:*",
"matchCriteriaId": "7820751F-E181-4BB7-8DAF-BF21129B24D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4141:*:*:*:*:*:*",
"matchCriteriaId": "14ADB666-EEB9-4C6D-93F4-5A45EBA55705",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4150:*:*:*:*:*:*",
"matchCriteriaId": "93C4B398-8F9A-44AC-8E43-C4C471DE9565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4160:*:*:*:*:*:*",
"matchCriteriaId": "47FD0E59-3D75-4CF5-81A6-20C3B7FDE962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4161:*:*:*:*:*:*",
"matchCriteriaId": "C7EF76FE-3FD9-4548-A372-22E280484ECB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:4162:*:*:*:*:*:*",
"matchCriteriaId": "0F95BCBE-399F-4CCC-A17B-C0C3A03A99AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93C3ECBE-AE6A-4E5B-822B-2F905AA806DB",
"versionEndExcluding": "6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.1:6100:*:*:*:*:*:*",
"matchCriteriaId": "DFEB1B4D-A7B2-464A-BEA7-5754D3BE1F50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.1:6101:*:*:*:*:*:*",
"matchCriteriaId": "C12C9470-3D3B-426E-93F9-79D8B9B25F69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.1:6110:*:*:*:*:*:*",
"matchCriteriaId": "227F1242-E0A9-45C5-9198-FD8D01F68ABF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.1:6111:*:*:*:*:*:*",
"matchCriteriaId": "2FE57085-2085-4F62-9900-7B8DFC558418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.1:6120:*:*:*:*:*:*",
"matchCriteriaId": "CAB7FA92-DC12-4E8A-91CC-3C98ED74E47B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.1:6121:*:*:*:*:*:*",
"matchCriteriaId": "D04530C2-E4D0-4717-95DB-B7C224348502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.1:6125:*:*:*:*:*:*",
"matchCriteriaId": "9BBD018F-C1FD-4A0F-A145-253D86185F6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DA0580F-8167-450E-A1E9-0F1F7FC7E2C9",
"versionEndExcluding": "5.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5700:*:*:*:*:*:*",
"matchCriteriaId": "E913F3D6-9F94-4130-94FF-37F4D81BAEF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5701:*:*:*:*:*:*",
"matchCriteriaId": "34D23B58-2BB8-40EE-952C-1595988335CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5702:*:*:*:*:*:*",
"matchCriteriaId": "322920C4-4487-4E44-9C40-2959F478A4FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5703:*:*:*:*:*:*",
"matchCriteriaId": "3AD735B9-2CE2-46BA-9A14-A22E3FE21C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5704:*:*:*:*:*:*",
"matchCriteriaId": "014DB85C-DB28-4EBB-971A-6F8F964CE6FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5705:*:*:*:*:*:*",
"matchCriteriaId": "5E9B0013-ABF8-4616-BC92-15DF9F5CB359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5706:*:*:*:*:*:*",
"matchCriteriaId": "5B744F32-FD43-47B8-875C-6777177677CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5707:*:*:*:*:*:*",
"matchCriteriaId": "F1BB6EEA-2BAA-4C48-8DA8-1E87B3DE611F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5708:*:*:*:*:*:*",
"matchCriteriaId": "D3012C17-87F5-4FFD-B67B-BEFF2A390613",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5709:*:*:*:*:*:*",
"matchCriteriaId": "1E33D368-2D81-4C7E-9405-7C0A86E97217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5710:*:*:*:*:*:*",
"matchCriteriaId": "7AA9384F-6401-4495-B558-23E5A7A7528C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5711:*:*:*:*:*:*",
"matchCriteriaId": "E492F955-0734-4AE4-A59F-572ADF0CFE75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5712:*:*:*:*:*:*",
"matchCriteriaId": "11B71FFC-FD2E-4F84-BB1E-55BCA5B51099",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BB59DF-8786-4DC0-9254-F88417CA7077",
"versionEndExcluding": "4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4500:*:*:*:*:*:*",
"matchCriteriaId": "6BA1E99E-789C-4FDD-AA89-4C5391B95320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4502:*:*:*:*:*:*",
"matchCriteriaId": "7EA6EC34-6702-4D1A-8C63-5026416E01A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4503:*:*:*:*:*:*",
"matchCriteriaId": "0720F912-A070-43E9-BD23-4FAD00026DCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4504:*:*:*:*:*:*",
"matchCriteriaId": "161C81D2-7281-4F89-9944-1B468B06C264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4505:*:*:*:*:*:*",
"matchCriteriaId": "718EEA01-B792-4B7E-946F-863F846E8132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4507:*:*:*:*:*:*",
"matchCriteriaId": "DB72E7C9-FAC6-43E8-AC2A-5A7CBEAB919E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4508:*:*:*:*:*:*",
"matchCriteriaId": "47BBC46A-16C7-4E9B-A49A-8101F3039D0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4509:*:*:*:*:*:*",
"matchCriteriaId": "D989FB08-624D-406B-8F53-A387900940F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4510:*:*:*:*:*:*",
"matchCriteriaId": "8ADB6CFE-1915-488C-93FE-96E8DF3655F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4511:*:*:*:*:*:*",
"matchCriteriaId": "EDCCB442-D0E4-47C7-A558-36657A70B3CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4512:*:*:*:*:*:*",
"matchCriteriaId": "8794F807-1D50-44D4-8969-FD68EFF2F643",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4513:*:*:*:*:*:*",
"matchCriteriaId": "AFA2B4BA-1FBF-4C2E-872E-AD14084D1D56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4514:*:*:*:*:*:*",
"matchCriteriaId": "6976DCDA-E27A-4367-8EFE-74DC6F63018F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4516:*:*:*:*:*:*",
"matchCriteriaId": "101908A5-CAEF-44F8-A6C8-FE01CA9FA836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4517:*:*:*:*:*:*",
"matchCriteriaId": "F957BE56-474A-4593-8710-F86DB13C7407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4518:*:*:*:*:*:*",
"matchCriteriaId": "B8479442-1A4A-4F27-9778-664C7693C815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4519:*:*:*:*:*:*",
"matchCriteriaId": "EEF00ADC-105F-4B7E-857B-17565D67C7D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4520:*:*:*:*:*:*",
"matchCriteriaId": "CA292949-6E99-49A5-94F7-23448494F5C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4523:*:*:*:*:*:*",
"matchCriteriaId": "863CBE20-60A5-4A08-BF16-4E40E88B9AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4525:*:*:*:*:*:*",
"matchCriteriaId": "28A105B4-7BF0-4054-AAE7-8453E13E2B63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4527:*:*:*:*:*:*",
"matchCriteriaId": "94C78301-44B7-45B2-836E-15E45FAC8625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4528:*:*:*:*:*:*",
"matchCriteriaId": "F408067C-13C1-40BE-8488-9EB7FF0EDF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4529:*:*:*:*:*:*",
"matchCriteriaId": "A83FBC34-E024-47DA-AD8A-BF569F1F7EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4531:*:*:*:*:*:*",
"matchCriteriaId": "DC06E46F-441E-445B-A780-702B170901DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4532:*:*:*:*:*:*",
"matchCriteriaId": "A8A98287-DB5D-44A3-B835-54BACFC12944",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4533:*:*:*:*:*:*",
"matchCriteriaId": "53F32DE7-F211-4BEF-99C1-CE38EFDBCCC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4535:*:*:*:*:*:*",
"matchCriteriaId": "91C3EE55-B71B-432C-A68E-BB126A715375",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4536:*:*:*:*:*:*",
"matchCriteriaId": "FD48F21A-2D38-4EB8-B190-58CF176C1EEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4537:*:*:*:*:*:*",
"matchCriteriaId": "76346162-0BF0-4B21-82D2-2548A989396A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_manager_plus:4.5:build4538:*:*:*:*:*:*",
"matchCriteriaId": "5313C4EF-A960-4BCA-AA97-EDC88402A175",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4282B6D-6C85-4F13-B789-E641FB5986FE",
"versionEndExcluding": "4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4500:*:*:*:*:*:*",
"matchCriteriaId": "A160274C-F07A-43D9-A4DB-8773F004B9B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4502:*:*:*:*:*:*",
"matchCriteriaId": "341DF953-3DC7-476E-A79D-8CBD011C52A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4503:*:*:*:*:*:*",
"matchCriteriaId": "AB6582AC-03DB-4905-BD03-EEDC314EB289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4504:*:*:*:*:*:*",
"matchCriteriaId": "2C3F1FDE-41F7-4541-B0F7-00DB7994ACB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4505:*:*:*:*:*:*",
"matchCriteriaId": "92ADF3D2-0051-46E9-BF7A-7D429ABEC09A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4507:*:*:*:*:*:*",
"matchCriteriaId": "1592B321-1D60-418D-9CD8-61AEA57D8D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4508:*:*:*:*:*:*",
"matchCriteriaId": "E582FA9F-A043-4193-961D-A49159F1C921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4509:*:*:*:*:*:*",
"matchCriteriaId": "F3A22F3D-C45F-4FD5-8EEC-3BF2EDA807A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4510:*:*:*:*:*:*",
"matchCriteriaId": "28EAB920-2F01-483E-9492-97DBFBD7535F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4511:*:*:*:*:*:*",
"matchCriteriaId": "92F1D0A8-8761-4876-92C1-EE9F6BF61C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4512:*:*:*:*:*:*",
"matchCriteriaId": "37976BE2-4233-46F7-B6BB-EFA778442AFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4513:*:*:*:*:*:*",
"matchCriteriaId": "A0FF0731-4694-427A-8C9A-EBA7AEF6F1D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4514:*:*:*:*:*:*",
"matchCriteriaId": "C069FF04-4061-4560-BA55-1784312047A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4516:*:*:*:*:*:*",
"matchCriteriaId": "0D428FA6-08BA-4F7E-B1C7-4AFD17919899",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4517:*:*:*:*:*:*",
"matchCriteriaId": "C7AB124C-63E2-4CC2-B5C9-E7141E23D56C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4518:*:*:*:*:*:*",
"matchCriteriaId": "0E2D49D5-6F95-42F5-8EF0-DAD47C51D141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4519:*:*:*:*:*:*",
"matchCriteriaId": "EF9477F5-C6FD-4589-917B-FD206371DB33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4520:*:*:*:*:*:*",
"matchCriteriaId": "B51D61F5-7198-4B33-8AFD-A78E34F6B1AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4523:*:*:*:*:*:*",
"matchCriteriaId": "8CB27467-3157-466A-B01C-461348BD95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4525:*:*:*:*:*:*",
"matchCriteriaId": "2D575B4D-D58A-4B92-9723-4AB54E29924A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4527:*:*:*:*:*:*",
"matchCriteriaId": "E76BB070-9BC9-4712-B021-156871C3B06A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4528:*:*:*:*:*:*",
"matchCriteriaId": "52D35850-9BE1-479A-B0AF-339E42BCA708",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4529:*:*:*:*:*:*",
"matchCriteriaId": "681A77B6-7E22-4132-803B-A0AD117CE7C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4531:*:*:*:*:*:*",
"matchCriteriaId": "EF72A1BF-EE5D-4F43-B463-7E51285D4D5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4532:*:*:*:*:*:*",
"matchCriteriaId": "2FDD429A-E938-483A-BCCF-50A2AD4096CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4533:*:*:*:*:*:*",
"matchCriteriaId": "162D604A-7F0E-44CF-9E48-D8B54F8F3509",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4535:*:*:*:*:*:*",
"matchCriteriaId": "AD38FA0F-B94F-4731-A652-07702EE0B808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4536:*:*:*:*:*:*",
"matchCriteriaId": "F2C3767E-A56B-4580-AF8C-9BF5852EE414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4537:*:*:*:*:*:*",
"matchCriteriaId": "5434E8CB-8DD0-4245-AF61-CF3A69BD0C3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_m365_security_plus:4.5:4538:*:*:*:*:*:*",
"matchCriteriaId": "C2403DA1-FBF8-495E-B996-4060F6BE6EE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30C9A012-AD39-45B2-BA3F-8D7180FC5390",
"versionEndExcluding": "4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.4:4400:*:*:*:*:*:*",
"matchCriteriaId": "7C5E7CE6-F85E-49B2-9078-F661AA3723C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.4:4401:*:*:*:*:*:*",
"matchCriteriaId": "1194B4C2-FBF2-4015-B666-235897971DD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.4:4402:*:*:*:*:*:*",
"matchCriteriaId": "4F5F0CA5-CEC3-4342-A7D1-3616C482B965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.4:4403:*:*:*:*:*:*",
"matchCriteriaId": "B7B8A2F3-5F46-40B2-A4E7-118341443C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_sharepoint_manager_plus:4.4:4404:*:*:*:*:*:*",
"matchCriteriaId": "767BF16D-8CD8-4E8A-9A3B-CB11EB48FB9D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "658DC76D-E0FE-40FA-B966-6DA6ED531FCD",
"versionEndExcluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6001:*:*:*:*:*:*",
"matchCriteriaId": "948993BE-7B9E-4CCB-A97F-28B46DFE52A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6003:*:*:*:*:*:*",
"matchCriteriaId": "9F8D6CDF-1BD5-4457-94AA-CFCC351F55A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6005:*:*:*:*:*:*",
"matchCriteriaId": "E54CE38D-C9CA-4CC1-B3BC-83F593A576D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6011:*:*:*:*:*:*",
"matchCriteriaId": "4C8B3F77-7886-4F80-B75A-59063C762307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6016:*:*:*:*:*:*",
"matchCriteriaId": "ADCB6ADF-5B04-4682-B541-4BC8BB5762DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6017:*:*:*:*:*:*",
"matchCriteriaId": "A708628C-31E8-4A52-AEF7-297E2DDFA0C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6020:*:*:*:*:*:*",
"matchCriteriaId": "A8A01385-A493-42C0-ABBE-6A30C8594F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6025:*:*:*:*:*:*",
"matchCriteriaId": "E7A6CA95-9572-4FCA-ADD2-A5F4D8C2216B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6026:*:*:*:*:*:*",
"matchCriteriaId": "B6865936-A773-4353-8891-8269508B2180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6030:*:*:*:*:*:*",
"matchCriteriaId": "9CAD778E-8FDB-4CE2-A593-75EEA75F6361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6031:*:*:*:*:*:*",
"matchCriteriaId": "52A9BA64-A248-4490-BDA7-671D64C0B3CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6032:*:*:*:*:*:*",
"matchCriteriaId": "DFF0A7E8-888B-4CBE-B799-16557244DDF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6041:*:*:*:*:*:*",
"matchCriteriaId": "8B480202-7632-4CFA-A485-DDFF1D1DB757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6042:*:*:*:*:*:*",
"matchCriteriaId": "AB9B0721-49FD-49E7-97E4-E4E3EBF64856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6043:*:*:*:*:*:*",
"matchCriteriaId": "874F5DDD-EA8D-4C1E-824A-321C52959649",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6044:*:*:*:*:*:*",
"matchCriteriaId": "8CAA4713-DA95-46AC-AFA5-9D22F8819B06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6047:*:*:*:*:*:*",
"matchCriteriaId": "C9D4BB2E-D0D0-4058-88C9-3E73A793A85B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6049:*:*:*:*:*:*",
"matchCriteriaId": "832AAAAF-5C34-4DDF-96A4-080002F9BC6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6050:*:*:*:*:*:*",
"matchCriteriaId": "29ED63C4-FB06-41AC-ABCD-63B3233658A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6051:*:*:*:*:*:*",
"matchCriteriaId": "6EEA1BA5-F6A7-4BE0-8E77-993FB9E5CC91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6053:*:*:*:*:*:*",
"matchCriteriaId": "2C21AC8A-8358-46BE-A0C6-7CDEF1E73904",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6054:*:*:*:*:*:*",
"matchCriteriaId": "51400F37-6310-44A3-A683-068DF64D20F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6056:*:*:*:*:*:*",
"matchCriteriaId": "F3F43DBF-CD65-47D0-8CEE-D5EE8337188B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6057:*:*:*:*:*:*",
"matchCriteriaId": "78CB8751-856A-41AC-904A-70FA1E15A946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6058:*:*:*:*:*:*",
"matchCriteriaId": "72B7E27E-1443-46DC-8389-FBD337E612F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6060:*:*:*:*:*:*",
"matchCriteriaId": "F9BB1077-C1F5-4368-9930-8E7424E7EB98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6061:*:*:*:*:*:*",
"matchCriteriaId": "EE307CE4-574D-4FF7-BED6-5BBECF886578",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6062:*:*:*:*:*:*",
"matchCriteriaId": "49E40C74-7077-4366-82A7-52B454725B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6070:*:*:*:*:*:*",
"matchCriteriaId": "038D7936-C837-4E49-89BC-D11DF2C875D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6071:*:*:*:*:*:*",
"matchCriteriaId": "D1DC87E8-3053-4823-BFDB-46BAF3FCEFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_recoverymanager_plus:6.0:build6072:*:*:*:*:*:*",
"matchCriteriaId": "E384B5D8-CF9A-4C6D-AB4A-5B1A66768ADB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC606E6A-3523-41D5-94C9-A62E8630A687",
"versionEndExcluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4010:*:*:*:*:*:*",
"matchCriteriaId": "7001A0A7-159C-48A3-9800-DAFBA31D05BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4011:*:*:*:*:*:*",
"matchCriteriaId": "583B46D4-529F-404F-9CF3-4D7526889682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4015:*:*:*:*:*:*",
"matchCriteriaId": "0D89C2A2-CE20-4954-8821-C73F9E3EC767",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4016:*:*:*:*:*:*",
"matchCriteriaId": "A6B8B05F-0ECD-41C1-9FFD-0ADCF4046D39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4020:*:*:*:*:*:*",
"matchCriteriaId": "233874F0-A19F-447C-ACE2-5DD06829C920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4021:*:*:*:*:*:*",
"matchCriteriaId": "C4447E47-C6DB-440D-AF35-8130687E9BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4023:*:*:*:*:*:*",
"matchCriteriaId": "405ECB05-7E35-4927-A19A-92A4B7FE8B1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4024:*:*:*:*:*:*",
"matchCriteriaId": "9F1EC2A5-7498-40F9-91A4-B004AEA1136C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4025:*:*:*:*:*:*",
"matchCriteriaId": "CEBB1CED-7B88-4E4B-89E8-E0E2B882E34C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4026:*:*:*:*:*:*",
"matchCriteriaId": "DD3B14B6-8329-43C4-AE42-13279E77275E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4027:*:*:*:*:*:*",
"matchCriteriaId": "7792B448-4D34-42F8-919C-344783D625E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4028:*:*:*:*:*:*",
"matchCriteriaId": "E297C040-0523-4A50-97AB-349880D5B3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4030:*:*:*:*:*:*",
"matchCriteriaId": "F86FEB8D-8A75-4C92-947D-CA7EDF8E0F5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4031:*:*:*:*:*:*",
"matchCriteriaId": "A238ED1B-6C11-44C9-BDBF-8A724AB7FE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4034:*:*:*:*:*:*",
"matchCriteriaId": "8ADCADB6-9764-4CA8-AB54-BCE6D0363E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4035:*:*:*:*:*:*",
"matchCriteriaId": "6E0C9493-EB87-4197-AF8B-BCA25488BCDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4036:*:*:*:*:*:*",
"matchCriteriaId": "E4FD31D3-69EB-4699-B31B-C18A0EA9D9C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4040:*:*:*:*:*:*",
"matchCriteriaId": "FBD7855F-4B66-4F43-960C-73E69C52E865",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4043:*:*:*:*:*:*",
"matchCriteriaId": "0C9C8B4D-CFFE-4CB4-8F11-FC778462CB10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4045:*:*:*:*:*:*",
"matchCriteriaId": "36A68C2E-978A-4F82-AC61-E9E7CA9908A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4046:*:*:*:*:*:*",
"matchCriteriaId": "6C8D7EA7-7CC3-48B0-B966-71A69FDE6A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4047:*:*:*:*:*:*",
"matchCriteriaId": "05D804B6-5990-42A7-A072-8F904A5262E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_log360_ueba:4.0:build4048:*:*:*:*:*:*",
"matchCriteriaId": "0C720653-317E-4B1C-AFA8-90FAE97430C9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90001:*:*:*:*:*:*",
"matchCriteriaId": "A9C350FA-E483-4C06-A784-5679ED0471BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90063:*:*:*:*:*:*",
"matchCriteriaId": "15A47AA7-8B49-41EC-AB57-5706989DF756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90064:*:*:*:*:*:*",
"matchCriteriaId": "D1CCB7C8-86B9-4DA8-93D0-F96B81C82F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90065:*:*:*:*:*:*",
"matchCriteriaId": "397140D3-2424-42D9-9900-625EC4E95D22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90066:*:*:*:*:*:*",
"matchCriteriaId": "BA8C9A27-572E-407F-826A-1206394044D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90067:*:*:*:*:*:*",
"matchCriteriaId": "7601CC24-FC2D-4805-A975-2D307DECDF2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90068:*:*:*:*:*:*",
"matchCriteriaId": "A513B136-7DC5-48DD-BDCB-1620A14849B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90069:*:*:*:*:*:*",
"matchCriteriaId": "0858CFDE-7D76-4A63-BE21-A73310AD17BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90070:*:*:*:*:*:*",
"matchCriteriaId": "1BD8F9F8-89EB-422E-A4B1-E715AFD72341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90071:*:*:*:*:*:*",
"matchCriteriaId": "E0271D12-94E8-4345-9666-4A47A5AAB824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90072:*:*:*:*:*:*",
"matchCriteriaId": "513337E6-D805-461B-812F-D6EEA0921883",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90073:*:*:*:*:*:*",
"matchCriteriaId": "8EB5C610-33AC-486C-AF48-4A889D429420",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90074:*:*:*:*:*:*",
"matchCriteriaId": "81FC1ED5-99FF-4C30-BCE0-5CDC7A5E4C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90075:*:*:*:*:*:*",
"matchCriteriaId": "EA473C80-4100-4170-9601-8C9EEB5F64CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90076:*:*:*:*:*:*",
"matchCriteriaId": "5D2C41A7-1602-43CD-9E6D-A0178931C020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90077:*:*:*:*:*:*",
"matchCriteriaId": "238E3508-0230-441E-8114-6EEB79E22632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90078:*:*:*:*:*:*",
"matchCriteriaId": "2C85C7DB-BC46-4D0A-8353-C2DB51BFFD85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90079:*:*:*:*:*:*",
"matchCriteriaId": "0BAAFCD6-5945-46BE-9380-5C2F79060B8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90080:*:*:*:*:*:*",
"matchCriteriaId": "B6E108C0-075A-493D-B8AE-343D81BEC9C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90081:*:*:*:*:*:*",
"matchCriteriaId": "CA614153-4E29-45AB-BBC2-9BA0CDAD4B8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90082:*:*:*:*:*:*",
"matchCriteriaId": "F95B1920-005C-494C-A9A9-C72502E45723",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90083:*:*:*:*:*:*",
"matchCriteriaId": "DA3C51B7-B8A0-42F4-ADC9-C949B610EE2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90084:*:*:*:*:*:*",
"matchCriteriaId": "180D4816-E5D0-406B-B289-4B1984250B50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90085:*:*:*:*:*:*",
"matchCriteriaId": "57883D51-1188-4C14-B2EF-26FD4B156526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90086:*:*:*:*:*:*",
"matchCriteriaId": "D5A59B7E-74CF-425F-B814-313D5F1F7670",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90087:*:*:*:*:*:*",
"matchCriteriaId": "327F6B11-9176-4791-96D0-FAD8EBE9D5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90088:*:*:*:*:*:*",
"matchCriteriaId": "5E057023-0175-4DB5-98A4-942FB81AF59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90089:*:*:*:*:*:*",
"matchCriteriaId": "28E12A60-CEB6-46BD-A4E8-48651A651E5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90090:*:*:*:*:*:*",
"matchCriteriaId": "25FA111C-01EA-49CA-BF67-A8C8C9A6E415",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90091:*:*:*:*:*:*",
"matchCriteriaId": "855DD295-DB63-4AF1-8C5A-0904BF049658",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90092:*:*:*:*:*:*",
"matchCriteriaId": "CDFE095C-C659-44BE-9740-C8B712165912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90093:*:*:*:*:*:*",
"matchCriteriaId": "FFB28D66-83BF-4685-9015-0B30021C59C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90094:*:*:*:*:*:*",
"matchCriteriaId": "9B82AA92-96B6-4841-BAC0-AA1487CBEB7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90095:*:*:*:*:*:*",
"matchCriteriaId": "81A65567-42E6-416B-8FB0-2571FDF60207",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90096:*:*:*:*:*:*",
"matchCriteriaId": "2193F4C6-5679-487B-82B8-C55A874ED5A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90097:*:*:*:*:*:*",
"matchCriteriaId": "124CB5EC-44C1-4136-B495-053F2299E59C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90098:*:*:*:*:*:*",
"matchCriteriaId": "A183735E-12AF-4692-A228-FE3B1169ABBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90099:*:*:*:*:*:*",
"matchCriteriaId": "3C1C57BB-73A7-4B48-B99C-A18E1CE55553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90100:*:*:*:*:*:*",
"matchCriteriaId": "020F4E45-45D2-4F1A-BAF8-8C61F45F5770",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90101:*:*:*:*:*:*",
"matchCriteriaId": "039F68D9-A36A-44BE-A457-790ECCB20FD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90102:*:*:*:*:*:*",
"matchCriteriaId": "23BDB028-FCCE-4A9D-887B-6A6F8166CFCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90103:*:*:*:*:*:*",
"matchCriteriaId": "5210BAA8-2ECC-49AA-8408-815433DC28D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90104:*:*:*:*:*:*",
"matchCriteriaId": "C8DC19CC-3F95-4753-8037-FB627D1D6167",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90105:*:*:*:*:*:*",
"matchCriteriaId": "93F07AFE-4E9A-4001-A17A-606A7B5E83F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90106:*:*:*:*:*:*",
"matchCriteriaId": "06B25C38-DE86-4F3E-918E-BC70FCC0054B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90107:*:*:*:*:*:*",
"matchCriteriaId": "E3F2E0E6-01D2-418D-872E-B117259E990F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90108:*:*:*:*:*:*",
"matchCriteriaId": "41D80E46-35FE-45E5-96D6-28691C0847DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90109:*:*:*:*:*:*",
"matchCriteriaId": "4D7768DA-1111-4557-A0D6-D3A74AC7FA54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90110:*:*:*:*:*:*",
"matchCriteriaId": "B3001463-3729-4216-B420-602A11C74244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90111:*:*:*:*:*:*",
"matchCriteriaId": "9A68EC19-3A57-41C4-90FA-CB1BF20EB8DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90112:*:*:*:*:*:*",
"matchCriteriaId": "193913B2-25D1-4779-B7E6-ACC5992AFC97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90113:*:*:*:*:*:*",
"matchCriteriaId": "E7AA77AA-E00E-4125-A698-12B30434F632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90114:*:*:*:*:*:*",
"matchCriteriaId": "229FBCFC-2810-44D1-9687-A7C060F6F9D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90115:*:*:*:*:*:*",
"matchCriteriaId": "99C3BBC2-F1D3-4873-A8FB-1B79A2163F74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90116:*:*:*:*:*:*",
"matchCriteriaId": "4A06EF86-915C-4D09-965B-3A9D4DFC96B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90117:*:*:*:*:*:*",
"matchCriteriaId": "3D67F80D-E999-4E46-8386-8122DC17DBCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90118:*:*:*:*:*:*",
"matchCriteriaId": "2593B38A-1281-41C9-B065-E6EFDF6BD71C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90119:*:*:*:*:*:*",
"matchCriteriaId": "B61541E8-5818-475B-9E54-C45C71C14A9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90120:*:*:*:*:*:*",
"matchCriteriaId": "84DE1BA0-8C36-44DF-91A0-96EA6EF736D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90121:*:*:*:*:*:*",
"matchCriteriaId": "BB2F2DEA-5E03-442E-A46B-B6C218BF3273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90122:*:*:*:*:*:*",
"matchCriteriaId": "CCEFA415-47D7-4DA2-B541-DD0B67AF30A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90123:*:*:*:*:*:*",
"matchCriteriaId": "B147B06A-969E-4541-A863-DF4045D39527",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B20C46B3-C23E-42AF-BA81-117B8541171B",
"versionEndExcluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90012:*:*:*:*:*:*",
"matchCriteriaId": "A897E8C8-6058-4BEC-BF00-3E8614238E0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90013:*:*:*:*:*:*",
"matchCriteriaId": "8B39A3B3-5B9E-4B31-9CE2-3625EA9C9AD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90014:*:*:*:*:*:*",
"matchCriteriaId": "FBF5AF44-E30B-4948-B0E2-42EE062DC3A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90015:*:*:*:*:*:*",
"matchCriteriaId": "356F078A-9887-423A-8BA7-74201DE109F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90016:*:*:*:*:*:*",
"matchCriteriaId": "9B8887A3-14C6-4DFB-9EBF-35966B4E6158",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90017:*:*:*:*:*:*",
"matchCriteriaId": "3A0FE6B3-E037-45F4-A907-51CD99E7B8DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90018:*:*:*:*:*:*",
"matchCriteriaId": "250CFA85-89C5-4F75-AF0F-BEA9C816E54E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90019:*:*:*:*:*:*",
"matchCriteriaId": "85B8B8F4-951D-446C-A8F8-EEBDC385D83E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90020:*:*:*:*:*:*",
"matchCriteriaId": "288C8246-7367-4D10-A0D4-5426B7EA17A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90021:*:*:*:*:*:*",
"matchCriteriaId": "59326535-A08E-4588-BAB8-9DF094FB61F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90022:*:*:*:*:*:*",
"matchCriteriaId": "077B9DBD-190C-4F20-BD3A-64D6887B7930",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90030:*:*:*:*:*:*",
"matchCriteriaId": "0587320F-C57E-41F7-B31F-1EA52ED234B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90031:*:*:*:*:*:*",
"matchCriteriaId": "0911BEEC-A6E4-440C-8217-A7FAAC1D3972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90032:*:*:*:*:*:*",
"matchCriteriaId": "A9D9805F-4F6B-4A15-A444-3B6538BCDDB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90033:*:*:*:*:*:*",
"matchCriteriaId": "48901205-BDE9-4CBA-9E3B-779D949CBF58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90034:*:*:*:*:*:*",
"matchCriteriaId": "69539391-6C6A-498A-B952-D4F12C2FEC4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90035:*:*:*:*:*:*",
"matchCriteriaId": "4A36B8AA-987B-4112-8B67-5BC306F9CF86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90036:*:*:*:*:*:*",
"matchCriteriaId": "96E9422A-CA9D-4BC8-90DB-3E3A1966E94C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90041:*:*:*:*:*:*",
"matchCriteriaId": "11A2E17D-3B33-4531-B78B-156BC2C7E53A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90042:*:*:*:*:*:*",
"matchCriteriaId": "4C34129B-5A15-4BE9-BB15-66101A5EAB65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90043:*:*:*:*:*:*",
"matchCriteriaId": "DA9A87D7-0707-4321-B5D2-2B4CBC66E838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90044:*:*:*:*:*:*",
"matchCriteriaId": "C2C06D73-9BEA-4604-BE73-3CE8A2DDD52A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90056:*:*:*:*:*:*",
"matchCriteriaId": "DAA7B941-6FE6-45CA-931D-6414DFEA9B50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90057:*:*:*:*:*:*",
"matchCriteriaId": "F7EEEF6C-DD29-4E6F-BED7-AE10184C2F9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90058:*:*:*:*:*:*",
"matchCriteriaId": "D36AD9EC-82D0-451B-ADD4-1EEC0FDC389B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90072:*:*:*:*:*:*",
"matchCriteriaId": "F68164FC-9A09-4145-97B8-99EE5532E6E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90074:*:*:*:*:*:*",
"matchCriteriaId": "2FB5646D-11C7-4878-9471-4F6D483CE979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90075:*:*:*:*:*:*",
"matchCriteriaId": "BBC0A0C3-C33E-46E9-A099-A5A66F576138",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90076:*:*:*:*:*:*",
"matchCriteriaId": "76584957-0388-4421-8336-75EE90D00349",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90077:*:*:*:*:*:*",
"matchCriteriaId": "05C542D5-7E3A-46E2-8CB6-A13159EFA4B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90078:*:*:*:*:*:*",
"matchCriteriaId": "7E7BF415-29D3-4BD0-8613-317D7EC7C992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90079:*:*:*:*:*:*",
"matchCriteriaId": "7F046602-4595-48C8-83F5-A43FD501003F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90080:*:*:*:*:*:*",
"matchCriteriaId": "FC5B464F-D327-4181-A911-2E3683B914B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90081:*:*:*:*:*:*",
"matchCriteriaId": "025D8F22-968F-44B6-83E1-13DAB7A514A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90082:*:*:*:*:*:*",
"matchCriteriaId": "F9F60549-59CE-47D0-BF2A-91B84A0B1984",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90083:*:*:*:*:*:*",
"matchCriteriaId": "6F982139-0EDC-411C-A074-A29963DCA328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90084:*:*:*:*:*:*",
"matchCriteriaId": "FBED4ED7-E991-48D0-AE27-71F9DEA5EDA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90085:*:*:*:*:*:*",
"matchCriteriaId": "8C6BE721-D851-406E-9AAF-01F9A9E15ADF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90086:*:*:*:*:*:*",
"matchCriteriaId": "F1D6E935-53D3-462D-9DD8-91BFEC90BB2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90087:*:*:*:*:*:*",
"matchCriteriaId": "E580F0AB-B840-4293-8639-4B7DD7981EAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90088:*:*:*:*:*:*",
"matchCriteriaId": "2CC8FE34-A5C9-4EF7-AA05-BEE403AB3B73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_secure_gateway_server:9.0:90090:*:*:*:*:*:*",
"matchCriteriaId": "A80444F6-755F-4FE3-96B3-744A842D40AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0026FC79-6554-4B68-89EB-D7A8422C7406",
"versionEndExcluding": "12.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125000:*:*:*:*:*:*",
"matchCriteriaId": "94F878CC-E691-41E9-A90D-72EA25038963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125002:*:*:*:*:*:*",
"matchCriteriaId": "6D1EA156-BD95-4AAA-B688-0CD62CCDB60A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125100:*:*:*:*:*:*",
"matchCriteriaId": "8033E51C-D261-4A12-96CD-AE1F13BFD2AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125101:*:*:*:*:*:*",
"matchCriteriaId": "9EE1E1E6-ED1C-443A-A576-AD47D65082B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125102:*:*:*:*:*:*",
"matchCriteriaId": "3E283214-CE6A-4CD6-9E9B-7BF09C37447D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125108:*:*:*:*:*:*",
"matchCriteriaId": "8FF84A5E-C43B-4637-B725-1087D2057EED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125110:*:*:*:*:*:*",
"matchCriteriaId": "25AEF257-E1C1-4DFD-9EC0-9B2AC3920CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125111:*:*:*:*:*:*",
"matchCriteriaId": "46E32091-F91D-4706-A4F9-DC658CF36A6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125112:*:*:*:*:*:*",
"matchCriteriaId": "AC7D1106-6708-4A84-A077-286376C72AB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125113:*:*:*:*:*:*",
"matchCriteriaId": "071B3368-D7C2-4EE1-808F-1F4A3C3A4756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125114:*:*:*:*:*:*",
"matchCriteriaId": "4E9D5882-91D6-4E9D-AD8B-F3861D987826",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125116:*:*:*:*:*:*",
"matchCriteriaId": "17931D40-369C-430F-B5ED-FAF69FAA0E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125117:*:*:*:*:*:*",
"matchCriteriaId": "02B4D022-BC43-4041-BA2B-60A6D42AD150",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125118:*:*:*:*:*:*",
"matchCriteriaId": "15FFD3F7-CB9F-4FB1-9F2C-CFDAE7E46FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125120:*:*:*:*:*:*",
"matchCriteriaId": "5ED17849-BC14-4996-9DF9-7645B1E17374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125121:*:*:*:*:*:*",
"matchCriteriaId": "D91F6CC5-EDBE-420F-8871-03B8D10254B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125123:*:*:*:*:*:*",
"matchCriteriaId": "E82C682C-9F61-45B7-B934-8D6DDBA792AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125124:*:*:*:*:*:*",
"matchCriteriaId": "2FC7728B-9FFC-4A8F-BE24-926B8C2823AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125125:*:*:*:*:*:*",
"matchCriteriaId": "78BE6CCE-706E-436B-A6E6-26E7D044B209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125136:*:*:*:*:*:*",
"matchCriteriaId": "8BD54A67-C531-4642-90D4-C6E402D55AC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125137:*:*:*:*:*:*",
"matchCriteriaId": "9DF164BD-EF39-42E2-807D-F298D68A8D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125139:*:*:*:*:*:*",
"matchCriteriaId": "5D85766D-1BAC-4477-96D6-EA989D392128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125140:*:*:*:*:*:*",
"matchCriteriaId": "CE99520F-C8F3-46EA-9BBA-AAE2AB4AB8CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125143:*:*:*:*:*:*",
"matchCriteriaId": "16D8A8F6-8BC3-438D-BF8B-9E2B46ECBF36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125144:*:*:*:*:*:*",
"matchCriteriaId": "F3D18E27-EE06-4555-A675-1BAC7D3DD8E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125145:*:*:*:*:*:*",
"matchCriteriaId": "0FEFDFF7-5538-4C53-922A-A5E71A0D643E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125156:*:*:*:*:*:*",
"matchCriteriaId": "02463016-7156-470F-8535-EF4C7E150546",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125157:*:*:*:*:*:*",
"matchCriteriaId": "8DEB616C-2DDC-4138-B6FC-8B2680D35485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125158:*:*:*:*:*:*",
"matchCriteriaId": "D51E7B22-9293-4086-B143-2D279597A5CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125159:*:*:*:*:*:*",
"matchCriteriaId": "BB4D8585-6109-45C0-94B4-667D11F0509F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125161:*:*:*:*:*:*",
"matchCriteriaId": "97CB62BA-09FA-446D-A8CF-958980B67F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125163:*:*:*:*:*:*",
"matchCriteriaId": "F871111C-4B61-4C50-ABDA-78D8D988DCD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125174:*:*:*:*:*:*",
"matchCriteriaId": "9950CFB9-FCDE-4696-97AF-251467270375",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125175:*:*:*:*:*:*",
"matchCriteriaId": "B674CFD8-6AE7-420A-BD7A-DD7A068CA5D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125176:*:*:*:*:*:*",
"matchCriteriaId": "56BCA911-733C-4F8C-B3CD-22F3E6CA1F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125177:*:*:*:*:*:*",
"matchCriteriaId": "A1281E75-AC6D-4077-9207-7CA7E5BCB1CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125178:*:*:*:*:*:*",
"matchCriteriaId": "CC052CBA-2B37-4E84-978D-36185EE1A3A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125180:*:*:*:*:*:*",
"matchCriteriaId": "72CC7428-8DD0-45DB-8D80-C02CD9B6CB65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125181:*:*:*:*:*:*",
"matchCriteriaId": "0C1691B0-FA38-4A29-8D49-D99A675C122A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125192:*:*:*:*:*:*",
"matchCriteriaId": "194ACE61-101D-40C3-9377-12039533AB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125193:*:*:*:*:*:*",
"matchCriteriaId": "86428D44-03BC-4528-ADB5-3AC05231759D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125194:*:*:*:*:*:*",
"matchCriteriaId": "B694D0FC-320A-44F9-9FFB-0706CDD3004C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125195:*:*:*:*:*:*",
"matchCriteriaId": "BE298317-10EE-4A34-B4D0-8D03B727A75B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125196:*:*:*:*:*:*",
"matchCriteriaId": "B0A1B243-163D-461B-BEAB-81E6E2DB36EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125197:*:*:*:*:*:*",
"matchCriteriaId": "5E86C3A0-700E-4CB2-AFDC-F203C61D413C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125198:*:*:*:*:*:*",
"matchCriteriaId": "A550184D-13BD-4F2A-9DE5-AC66B496FFC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125201:*:*:*:*:*:*",
"matchCriteriaId": "538BCF38-69B6-4686-B1F1-82B10175CCBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125204:*:*:*:*:*:*",
"matchCriteriaId": "F29A6AE3-B864-4552-9BE9-074CB6935B07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125212:*:*:*:*:*:*",
"matchCriteriaId": "7CD2AB8D-F638-48E0-A5D6-1E969F9998B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125213:*:*:*:*:*:*",
"matchCriteriaId": "76528168-A54D-4398-B558-6DC27ACCBFBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125214:*:*:*:*:*:*",
"matchCriteriaId": "6C1DCA3B-41B8-402B-B5E8-2C3494C36B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125215:*:*:*:*:*:*",
"matchCriteriaId": "531A9E5C-9C45-4982-8ADE-5B41CE5F5B48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125216:*:*:*:*:*:*",
"matchCriteriaId": "FA70F031-A7EF-49F5-A1F6-C3DD33198D86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125228:*:*:*:*:*:*",
"matchCriteriaId": "5DF093BF-830B-4C9A-A4B2-41C7811E4EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125229:*:*:*:*:*:*",
"matchCriteriaId": "AB64E7D3-D835-4F46-BD81-6B59CF7EB9F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125230:*:*:*:*:*:*",
"matchCriteriaId": "A2176672-0E34-4B46-9202-483F1D315836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125231:*:*:*:*:*:*",
"matchCriteriaId": "FBD2726E-4AAA-4E7D-A8E7-89DB875E7E6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125232:*:*:*:*:*:*",
"matchCriteriaId": "94AF723B-F1B7-44A8-B654-7C10881A6AF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125233:*:*:*:*:*:*",
"matchCriteriaId": "0C65E8BE-968F-4AB8-BD3F-A123C66E576A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125312:*:*:*:*:*:*",
"matchCriteriaId": "9A4C70B1-A902-4835-BFFC-692CA91C1317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125323:*:*:*:*:*:*",
"matchCriteriaId": "06FE113C-94B6-419B-8AA0-767EA74D11ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125324:*:*:*:*:*:*",
"matchCriteriaId": "C30413D5-7F5B-47EE-825E-CEEF69DAC5B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125326:*:*:*:*:*:*",
"matchCriteriaId": "57DA6C66-3235-4923-89D0-EF093FF4126F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125328:*:*:*:*:*:*",
"matchCriteriaId": "82307372-C2CF-4E19-9D1D-7D33FCCE8F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125329:*:*:*:*:*:*",
"matchCriteriaId": "A5289D80-1C75-4819-B615-8259B25B1E9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125340:*:*:*:*:*:*",
"matchCriteriaId": "25CC8F8B-9072-41E3-8045-25D12EE22427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125341:*:*:*:*:*:*",
"matchCriteriaId": "6000E214-BF19-469C-A7CA-CC91465B2CDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125342:*:*:*:*:*:*",
"matchCriteriaId": "1AA9EA4B-DD82-46E7-9C44-77AC076F61CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125343:*:*:*:*:*:*",
"matchCriteriaId": "50E697EA-0A78-477D-B726-AC54EE868244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125344:*:*:*:*:*:*",
"matchCriteriaId": "E64AAB62-43C4-4284-B2AA-1DC55B972803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125346:*:*:*:*:*:*",
"matchCriteriaId": "E3A43E19-D06D-4856-AA55-02B8148EAB49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125358:*:*:*:*:*:*",
"matchCriteriaId": "310C491E-92CE-4EE8-9CDE-70640DE9CAB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125359:*:*:*:*:*:*",
"matchCriteriaId": "A82217B5-0A11-4BE6-ACEF-991B2DFE53D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125360:*:*:*:*:*:*",
"matchCriteriaId": "7C69DA1F-F0A3-4E9F-96E2-F7A4E9B876C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125361:*:*:*:*:*:*",
"matchCriteriaId": "033944E6-8A01-4566-81C4-2B76F10C2839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125362:*:*:*:*:*:*",
"matchCriteriaId": "3D969C61-1F9A-4B97-B6DA-04F84E3E2936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125364:*:*:*:*:*:*",
"matchCriteriaId": "9984754B-1FA5-4CDF-AFC3-BD97C6C6B177",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125366:*:*:*:*:*:*",
"matchCriteriaId": "718427DB-57A7-4AB0-AA4C-7716E5A5F084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125367:*:*:*:*:*:*",
"matchCriteriaId": "CD43B869-6A7F-461D-A870-448C91FB7A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125375:*:*:*:*:*:*",
"matchCriteriaId": "98DD8376-4B21-4024-878D-DB74D1FF7A2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125376:*:*:*:*:*:*",
"matchCriteriaId": "5E8B8FBA-39ED-4E7A-AA1C-A6C15E8C92B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125377:*:*:*:*:*:*",
"matchCriteriaId": "4742B198-8630-4A45-AE87-6731BF56081A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125378:*:*:*:*:*:*",
"matchCriteriaId": "3782ABA4-5247-4349-8CD8-BCE85B98D44E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125379:*:*:*:*:*:*",
"matchCriteriaId": "C39E5DB9-1B75-4204-9B24-70F6294F1F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125380:*:*:*:*:*:*",
"matchCriteriaId": "F9459981-3E65-489C-9A70-B582EC9C8BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125381:*:*:*:*:*:*",
"matchCriteriaId": "BF90B539-9180-4A96-9E2F-F35DCA6DD720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125382:*:*:*:*:*:*",
"matchCriteriaId": "2A6D1150-602E-4006-9F6B-10C6649AC05B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125386:*:*:*:*:*:*",
"matchCriteriaId": "FB168E3D-63AB-45D7-AAC1-2D01CD6956F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125392:*:*:*:*:*:*",
"matchCriteriaId": "B8DCEAE6-AAE6-40B0-83B2-A579A6BF9854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125393:*:*:*:*:*:*",
"matchCriteriaId": "FCFEA624-968F-4A0F-969D-2190B1269EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125394:*:*:*:*:*:*",
"matchCriteriaId": "64F9D21C-AC05-4629-864F-85AFA3789739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125397:*:*:*:*:*:*",
"matchCriteriaId": "07E47F97-63EC-4BF1-AE54-3B510B66202D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125398:*:*:*:*:*:*",
"matchCriteriaId": "160765FF-9A56-4072-9580-C6DCB573B061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125399:*:*:*:*:*:*",
"matchCriteriaId": "F1EE56C3-5F42-4D2C-AEC0-035078DAE445",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125405:*:*:*:*:*:*",
"matchCriteriaId": "16593100-F288-4013-BF48-48CA482FC62D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125410:*:*:*:*:*:*",
"matchCriteriaId": "5BCA02F3-EF72-4F28-9ABB-D75EB6CE3338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125411:*:*:*:*:*:*",
"matchCriteriaId": "D8052948-7F5B-4E63-B1B7-B244D6A0AC39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125413:*:*:*:*:*:*",
"matchCriteriaId": "B6359934-CA70-4A8A-99E5-806555900EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125414:*:*:*:*:*:*",
"matchCriteriaId": "83BAAE61-540D-4E36-8B63-2438EC3B1479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125415:*:*:*:*:*:*",
"matchCriteriaId": "008A2BF2-E18B-492F-9DFF-19618F998664",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125416:*:*:*:*:*:*",
"matchCriteriaId": "5023E77A-908C-41AE-ADC7-580F44ADC376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125417:*:*:*:*:*:*",
"matchCriteriaId": "797D16E7-484D-4793-9040-74B815DC52B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125420:*:*:*:*:*:*",
"matchCriteriaId": "7D923373-B575-44C8-9B4D-DB824EC59B68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125428:*:*:*:*:*:*",
"matchCriteriaId": "B88917EC-3ABB-475E-B374-272CE5272D56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125430:*:*:*:*:*:*",
"matchCriteriaId": "BD457A1B-023A-42CF-ADED-648A061AAAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125431:*:*:*:*:*:*",
"matchCriteriaId": "9B9E22A4-676A-4D75-850F-15E5EC9A2911",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125432:*:*:*:*:*:*",
"matchCriteriaId": "4E6BA9C0-59DB-49E5-826E-1CA885FA28CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125433:*:*:*:*:*:*",
"matchCriteriaId": "95715B71-FA63-40A2-9EA6-56250318FC73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125434:*:*:*:*:*:*",
"matchCriteriaId": "2591F23D-DB1F-44B0-B67A-13483408DE4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125437:*:*:*:*:*:*",
"matchCriteriaId": "E4F035FB-54A9-47C0-8896-174A742E23B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125446:*:*:*:*:*:*",
"matchCriteriaId": "34B52052-FBFC-4803-B999-448A9385B613",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125448:*:*:*:*:*:*",
"matchCriteriaId": "A1F97594-BF89-4B5D-B1CE-706708891450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "A436DAC3-05F7-48DE-A2E2-0084AE31D9A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125451:*:*:*:*:*:*",
"matchCriteriaId": "544961BA-03CA-49D6-AB7C-CFF597B3BB8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125452:*:*:*:*:*:*",
"matchCriteriaId": "9CDBD0CB-8495-44A1-BF9B-29A195D9F718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125453:*:*:*:*:*:*",
"matchCriteriaId": "73B5365C-92ED-41CC-9B05-8BB1FE21F3C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125455:*:*:*:*:*:*",
"matchCriteriaId": "B652092E-570C-4D4E-A133-627426C50F6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125456:*:*:*:*:*:*",
"matchCriteriaId": "DC13FB20-119C-47F9-870D-399811661896",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125457:*:*:*:*:*:*",
"matchCriteriaId": "BC457292-04FE-4643-8F1D-05DAEF3F70BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125466:*:*:*:*:*:*",
"matchCriteriaId": "29CBDA2B-5A6A-4DB0-AC37-EAD8E05B55BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125467:*:*:*:*:*:*",
"matchCriteriaId": "CD266A0D-E726-4BC7-B3B9-6E3176415188",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125468:*:*:*:*:*:*",
"matchCriteriaId": "046B7B6F-85DE-4BDB-8860-ECA208C4D697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125469:*:*:*:*:*:*",
"matchCriteriaId": "C60E51D9-A842-49FF-8793-84C074DBE5EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125470:*:*:*:*:*:*",
"matchCriteriaId": "753B2FC9-342B-4456-85D9-27734BE7C6FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125476:*:*:*:*:*:*",
"matchCriteriaId": "BE930B14-4B22-4299-8DE8-7625342FC4E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125482:*:*:*:*:*:*",
"matchCriteriaId": "45B93007-AD6A-4978-9752-41DF72D34A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125483:*:*:*:*:*:*",
"matchCriteriaId": "863CBACB-F9A3-44AC-B795-C2C0EB5C9E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125485:*:*:*:*:*:*",
"matchCriteriaId": "AB28B644-BFD0-4588-B544-A139B26DDDE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125486:*:*:*:*:*:*",
"matchCriteriaId": "944F7C2F-53D4-4933-BD63-DF15C5A5CD65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125487:*:*:*:*:*:*",
"matchCriteriaId": "F6D0F0D1-7DF5-4C8D-9B31-B347E5A567DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125488:*:*:*:*:*:*",
"matchCriteriaId": "870A721F-2991-4041-AB1D-DE3D953B8669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125489:*:*:*:*:*:*",
"matchCriteriaId": "4F7FC0E5-8D0D-45CF-AEFA-180B79BC8B0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125567:*:*:*:*:*:*",
"matchCriteriaId": "7D394493-D690-44F0-B3F0-FD39E46F31C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125568:*:*:*:*:*:*",
"matchCriteriaId": "AF8CBF57-EF1A-4C84-879B-1A4035F4236A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125587:*:*:*:*:*:*",
"matchCriteriaId": "2F1E924E-8896-41CE-82E2-F22943A02FCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125588:*:*:*:*:*:*",
"matchCriteriaId": "FB058840-E3D0-45FA-B95F-3445A7719118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125589:*:*:*:*:*:*",
"matchCriteriaId": "FD9B23C4-3458-4E6C-B1AB-D4A36BE8FFA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125597:*:*:*:*:*:*",
"matchCriteriaId": "D2A7AA89-7233-4624-894A-B2B996D1D270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125598:*:*:*:*:*:*",
"matchCriteriaId": "B6B402ED-8B64-4FB0-B9E7-76E499A4115F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125599:*:*:*:*:*:*",
"matchCriteriaId": "4E8B01F2-0A03-48CF-8BAE-556A9C3D88FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125601:*:*:*:*:*:*",
"matchCriteriaId": "3C07E022-B75C-4491-8A30-9A1532D0472C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125603:*:*:*:*:*:*",
"matchCriteriaId": "00E92DB5-8D53-4129-92D0-AD1DA0F1FEB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125604:*:*:*:*:*:*",
"matchCriteriaId": "913CD99C-8F47-47BD-BD7C-33762861BB08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125605:*:*:*:*:*:*",
"matchCriteriaId": "67B7F52E-7D7A-4AA9-9241-FFCC3DD49BBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125611:*:*:*:*:*:*",
"matchCriteriaId": "D02650C3-1A7F-4889-B6CB-11994054B5F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125612:*:*:*:*:*:*",
"matchCriteriaId": "01FEA1CA-351B-4E2B-A78E-60338682F97F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125613:*:*:*:*:*:*",
"matchCriteriaId": "04C9E097-FE04-42BD-96C8-2A3A9FD50B25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125614:*:*:*:*:*:*",
"matchCriteriaId": "94F895DB-C865-4AED-A1D9-CE69C0EF52FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125615:*:*:*:*:*:*",
"matchCriteriaId": "8B565B12-283F-4323-9C88-FD3CF5646DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125616:*:*:*:*:*:*",
"matchCriteriaId": "9FDC3394-293E-44CF-A83F-FE047A4E4DE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125617:*:*:*:*:*:*",
"matchCriteriaId": "01846F8F-D7D6-4CD9-B83E-41B70C691761",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125628:*:*:*:*:*:*",
"matchCriteriaId": "CAE013FC-357D-42DA-B223-D40B3C813089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125629:*:*:*:*:*:*",
"matchCriteriaId": "E4BA87E9-5E37-41EE-835C-13F68ABC9C06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125630:*:*:*:*:*:*",
"matchCriteriaId": "D2034E17-2DB9-4229-B7D4-D14761CEE699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125631:*:*:*:*:*:*",
"matchCriteriaId": "39FBAFB9-5703-4EEA-BFF3-45B958E0805F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93A02A7E-02A8-4B74-AA9F-3DA0492748EF",
"versionEndExcluding": "12.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127000:*:*:*:*:*:*",
"matchCriteriaId": "24B04D73-0C55-49A8-B599-27C8C04948C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127001:*:*:*:*:*:*",
"matchCriteriaId": "97E74846-1666-4773-910D-77E0E19A7FCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127002:*:*:*:*:*:*",
"matchCriteriaId": "BB90B809-9D97-469F-B8F6-41B4AEAA2D3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127003:*:*:*:*:*:*",
"matchCriteriaId": "423C8618-9F3B-4B83-902C-FF01027EC54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127004:*:*:*:*:*:*",
"matchCriteriaId": "7E974B56-7A00-4582-AF8B-0D09B94477BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127100:*:*:*:*:*:*",
"matchCriteriaId": "7B6F8404-F624-41AA-BE8D-170D843EC290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127101:*:*:*:*:*:*",
"matchCriteriaId": "D0FF81E5-2134-4F45-9B39-2E3D5208BB80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127102:*:*:*:*:*:*",
"matchCriteriaId": "0D5DA95F-7C0F-4D05-BD35-DED356D01692",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127103:*:*:*:*:*:*",
"matchCriteriaId": "2B3A3EC3-DF7C-41A6-884C-C7C13D41B61E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127104:*:*:*:*:*:*",
"matchCriteriaId": "89EE3E31-8F55-4E44-8522-A32D6887AE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127109:*:*:*:*:*:*",
"matchCriteriaId": "979ED7B4-FAE3-4E98-A303-290E498FFD81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127116:*:*:*:*:*:*",
"matchCriteriaId": "EDC62E2F-AB97-4008-A52B-9CDC341A06BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127117:*:*:*:*:*:*",
"matchCriteriaId": "93DF7023-22AE-4A84-8734-06239013C10C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127118:*:*:*:*:*:*",
"matchCriteriaId": "2A128BED-75FA-42F1-9171-CBAEAA2366A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127119:*:*:*:*:*:*",
"matchCriteriaId": "5298BB50-8E22-490A-87C7-7F40B7F8F7C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127120:*:*:*:*:*:*",
"matchCriteriaId": "39C34F02-E413-4067-B958-86ADF89FA3AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127122:*:*:*:*:*:*",
"matchCriteriaId": "A0673E69-A2DB-424C-BBF0-79D729230F1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127123:*:*:*:*:*:*",
"matchCriteriaId": "4F062A20-6FFE-479B-9E64-E4771490B041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127131:*:*:*:*:*:*",
"matchCriteriaId": "C598244E-7483-4762-AC27-BD8036FEFE5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127133:*:*:*:*:*:*",
"matchCriteriaId": "B188A792-EF1A-4292-BD91-47635706C430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127134:*:*:*:*:*:*",
"matchCriteriaId": "BEFACD7A-D81B-4EDC-9E38-FD93FA0DE456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127136:*:*:*:*:*:*",
"matchCriteriaId": "DF818138-079A-43BE-A8B5-5DA47FA443AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127138:*:*:*:*:*:*",
"matchCriteriaId": "27066A8F-75C4-42BF-A54B-543114B92995",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127140:*:*:*:*:*:*",
"matchCriteriaId": "A239C6F8-3FC0-4510-B33F-14B25908E68F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127141:*:*:*:*:*:*",
"matchCriteriaId": "E8399E84-1344-4472-91F3-F63255911876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127185:*:*:*:*:*:*",
"matchCriteriaId": "8888C77E-04A7-4C34-B497-504F6217E07B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127186:*:*:*:*:*:*",
"matchCriteriaId": "7502D92A-3B51-4A76-88D6-E2D76A584075",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127187:*:*:*:*:*:*",
"matchCriteriaId": "7E465A5F-C8B0-4AD0-8D6D-4823C5F8153D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127188:*:*:*:*:*:*",
"matchCriteriaId": "DBA622D6-CD85-4F0F-8CC3-39FE29754039",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127189:*:*:*:*:*:*",
"matchCriteriaId": "A0D2828B-B897-4F1D-B657-436DB3CAC2FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127191:*:*:*:*:*:*",
"matchCriteriaId": "98279B6E-8361-45CA-8912-F06972F4BD1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127240:*:*:*:*:*:*",
"matchCriteriaId": "A7D879C8-E89F-45C1-9609-80B737080AFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127241:*:*:*:*:*:*",
"matchCriteriaId": "3D8FD2DE-18D9-4F50-9256-672435059876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127242:*:*:*:*:*:*",
"matchCriteriaId": "F01FEA58-BE5B-4CEC-831D-3BF05A20688D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:*:*:*:*:*:*:*:*",
"matchCriteriaId": "039C6DE6-DEA2-42E9-AE55-322E8E6B048C",
"versionEndExcluding": "12.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125000:*:*:*:*:*:*",
"matchCriteriaId": "55EA00B6-DE5D-4DE4-85AC-38A1216B4923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125108:*:*:*:*:*:*",
"matchCriteriaId": "BC4DF055-45CD-4B83-A7BA-59D6E46BD4D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125119:*:*:*:*:*:*",
"matchCriteriaId": "F9B51EF5-800F-446B-9F2D-47D45445E73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125120:*:*:*:*:*:*",
"matchCriteriaId": "C4C2087D-1B7B-4DA4-8288-D5366BC9735F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125125:*:*:*:*:*:*",
"matchCriteriaId": "B8FE0307-3CA7-445E-BA42-27D65C298E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125129:*:*:*:*:*:*",
"matchCriteriaId": "F6F9CB58-3B55-4E6F-AE24-D16552EE3614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125138:*:*:*:*:*:*",
"matchCriteriaId": "006DB16B-34C4-4359-96A1-381F7C66BF18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125149:*:*:*:*:*:*",
"matchCriteriaId": "7EFE37CC-58F5-4B08-95C2-D9DAFC8D9C31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125162:*:*:*:*:*:*",
"matchCriteriaId": "4F102286-1D21-48AB-A1B4-ADB5A4D3EEA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125180:*:*:*:*:*:*",
"matchCriteriaId": "7DDD3297-57ED-40D4-AC54-4484A3E9C633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125194:*:*:*:*:*:*",
"matchCriteriaId": "8F467A89-13F7-47E9-8285-041DB3F33603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125212:*:*:*:*:*:*",
"matchCriteriaId": "E8C93717-4E5A-4686-A83F-A7D4AC732144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125213:*:*:*:*:*:*",
"matchCriteriaId": "5A15AF17-8500-4102-AF1C-897360BB985C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125233:*:*:*:*:*:*",
"matchCriteriaId": "D9B364E3-45C1-4C71-BB6D-9D831449CF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125329:*:*:*:*:*:*",
"matchCriteriaId": "4CCB49B2-4AA1-4223-98F0-1E0872566BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125357:*:*:*:*:*:*",
"matchCriteriaId": "5D0A19E8-F0B3-446D-B991-C63657BC2A61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125362:*:*:*:*:*:*",
"matchCriteriaId": "1C7CD9C4-861D-42C0-9209-0843613F94B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125363:*:*:*:*:*:*",
"matchCriteriaId": "AD44F42F-709B-4FBE-B9C7-9944A874D489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125381:*:*:*:*:*:*",
"matchCriteriaId": "23C53DA5-F50F-4FA5-AF8B-4EA174BB4E57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125395:*:*:*:*:*:*",
"matchCriteriaId": "199EE3C2-2D58-4777-8592-D000D135E2A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125399:*:*:*:*:*:*",
"matchCriteriaId": "0CE514D6-6C6A-4DAD-8DB2-FA1F12FFAFBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125412:*:*:*:*:*:*",
"matchCriteriaId": "461FD5FC-2D14-44FC-88F0-783EDDD63483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125429:*:*:*:*:*:*",
"matchCriteriaId": "65FD6158-1B99-4C17-A167-41D6B1CD62F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125449:*:*:*:*:*:*",
"matchCriteriaId": "188123C8-7E72-4690-A322-888BED90FB7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "2BF85206-863D-493C-88F4-15B0BA5276A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125451:*:*:*:*:*:*",
"matchCriteriaId": "3C9DE996-1DEC-4AF0-89FD-1E3DA3967BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125452:*:*:*:*:*:*",
"matchCriteriaId": "75FF4D85-97C8-4DF4-ADE6-EDE8EC2DD5BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125453:*:*:*:*:*:*",
"matchCriteriaId": "9CAC6467-19F7-4CB2-A5FC-B57A14F4636C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125455:*:*:*:*:*:*",
"matchCriteriaId": "60EB56E2-7367-4488-A00D-41464E86B06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125456:*:*:*:*:*:*",
"matchCriteriaId": "3E315636-0897-4421-882D-E8196F7ACAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125459:*:*:*:*:*:*",
"matchCriteriaId": "EE609902-17AF-491B-8749-C8AF4E0A8241",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125467:*:*:*:*:*:*",
"matchCriteriaId": "6EFF6295-3F73-448D-8109-453E0DFD2002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125471:*:*:*:*:*:*",
"matchCriteriaId": "35A535BC-644B-4B10-8F66-779FAF503683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125475:*:*:*:*:*:*",
"matchCriteriaId": "DDD4AA74-4B07-44A1-A32F-88B0B1E90ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125483:*:*:*:*:*:*",
"matchCriteriaId": "52203983-0CC9-49DB-B100-49CD9F5CE688",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125485:*:*:*:*:*:*",
"matchCriteriaId": "095362BF-69CD-458F-8A44-E3D6AFC8C41F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125490:*:*:*:*:*:*",
"matchCriteriaId": "65F6F508-F0BF-4821-8B50-24A9B652522E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125564:*:*:*:*:*:*",
"matchCriteriaId": "4044EE7F-268B-4CC7-9982-80766BE5790E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125568:*:*:*:*:*:*",
"matchCriteriaId": "6F87A77C-E40F-4DDE-9260-FCF12B237FA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125581:*:*:*:*:*:*",
"matchCriteriaId": "51CF193E-D5A6-423A-A5E2-B0ACF4B002E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125596:*:*:*:*:*:*",
"matchCriteriaId": "7C10F5A0-6FFE-4907-8A61-61CF11FC7A69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125606:*:*:*:*:*:*",
"matchCriteriaId": "6B3F637D-3724-4314-BCC7-A6A06040DF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125617:*:*:*:*:*:*",
"matchCriteriaId": "18598449-D0EE-445F-BA6A-2CD658DAF4D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125657:*:*:*:*:*:*",
"matchCriteriaId": "6DC52F3E-EC5F-404B-ABD7-615B8AB522A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.5:build125664:*:*:*:*:*:*",
"matchCriteriaId": "E3552F71-C708-41A4-9168-5673C086F507",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1DA3A9-36FB-4BCA-AEEC-231A2C3127D0",
"versionEndExcluding": "12.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127101:*:*:*:*:*:*",
"matchCriteriaId": "0BA30C26-D3D8-447C-BD7A-9BC166C8BF3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127117:*:*:*:*:*:*",
"matchCriteriaId": "162E0203-17E1-427E-A351-33F75E8FE5A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127134:*:*:*:*:*:*",
"matchCriteriaId": "61FB54BF-7A8F-4EE5-AF42-15E2B69E9DE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127241:*:*:*:*:*:*",
"matchCriteriaId": "764139C9-FF6A-4BE0-BAF3-52F403C41393",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127242:*:*:*:*:*:*",
"matchCriteriaId": "3D9805F6-1A56-4FBF-8F47-DAA80E4DE9FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9FF3515-61C7-4A7A-9781-6D4A0340B2EC",
"versionEndExcluding": "12.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125000:*:*:*:*:*:*",
"matchCriteriaId": "77AA96FD-5AF0-4F80-8402-BAB460FF8B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125003:*:*:*:*:*:*",
"matchCriteriaId": "3095B4D1-170A-48B0-8C4A-7A7A54E42149",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125108:*:*:*:*:*:*",
"matchCriteriaId": "8CE4267C-DAAE-4CEC-A6E3-D2213AA5EE57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125109:*:*:*:*:*:*",
"matchCriteriaId": "92EB7DC6-F227-40B3-A093-4D9495BBE272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125115:*:*:*:*:*:*",
"matchCriteriaId": "40C478D3-7C1C-4FCE-99FA-976EE2754680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125120:*:*:*:*:*:*",
"matchCriteriaId": "DE6C88E4-D382-4729-AF5D-5697DCE26A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125122:*:*:*:*:*:*",
"matchCriteriaId": "6447F4D8-0943-4C8C-BBA7-42BECC181D80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125125:*:*:*:*:*:*",
"matchCriteriaId": "422B8CB6-3A14-4452-9192-F4CD5BF5D030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125141:*:*:*:*:*:*",
"matchCriteriaId": "41AB6C1A-CBEC-4DC1-94A4-9D14E82BA542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125142:*:*:*:*:*:*",
"matchCriteriaId": "6A2C060F-770B-4245-8490-5D2EB970FCA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125149:*:*:*:*:*:*",
"matchCriteriaId": "16E635CC-1591-4535-89EA-B8470BD885F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125150:*:*:*:*:*:*",
"matchCriteriaId": "D5F9E623-A42D-446D-ADDD-5F3C8F7BD9B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125160:*:*:*:*:*:*",
"matchCriteriaId": "1E235AF0-4453-4439-A25D-FF78A89BB117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125179:*:*:*:*:*:*",
"matchCriteriaId": "620E40E9-9D83-4E14-8898-10C0718B1A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125180:*:*:*:*:*:*",
"matchCriteriaId": "1D72F651-BD8C-4564-AC1A-84A91F21EADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125194:*:*:*:*:*:*",
"matchCriteriaId": "19DD9FF2-583B-4079-9375-E1643FF9A54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125200:*:*:*:*:*:*",
"matchCriteriaId": "69EDC39C-68EE-488D-B740-9E45229BDF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125212:*:*:*:*:*:*",
"matchCriteriaId": "EC374820-208A-40EF-965C-50C19467BD82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125213:*:*:*:*:*:*",
"matchCriteriaId": "397B1FAC-EB6E-4F17-B5D7-CBD47D581DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125217:*:*:*:*:*:*",
"matchCriteriaId": "E771BCA5-9E65-4C8B-BF36-E90F641D2015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125221:*:*:*:*:*:*",
"matchCriteriaId": "A658460A-FAE0-4487-8CD6-FB3384664F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125232:*:*:*:*:*:*",
"matchCriteriaId": "6F104D17-7D08-42A5-BAF3-DEA475308FC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125323:*:*:*:*:*:*",
"matchCriteriaId": "9F875BFA-18C2-42BF-8BC4-D02E15B395E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125329:*:*:*:*:*:*",
"matchCriteriaId": "3BBD9D22-7E92-4648-972E-E17D9472E08D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125357:*:*:*:*:*:*",
"matchCriteriaId": "7219F9A0-CD1D-4BB4-A5E1-FA0495B49114",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125361:*:*:*:*:*:*",
"matchCriteriaId": "0CBB0F67-9C81-44BC-9836-DE5FE40DDBBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125362:*:*:*:*:*:*",
"matchCriteriaId": "6D7C0250-52DA-423D-B061-0CDF39D15068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125376:*:*:*:*:*:*",
"matchCriteriaId": "6FC34D3F-FED3-4266-AB29-98FFC2002507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125381:*:*:*:*:*:*",
"matchCriteriaId": "DD1460AC-A719-4B75-B28B-748B6C262A87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125399:*:*:*:*:*:*",
"matchCriteriaId": "B9024FE1-536C-4180-8115-6D97E7C324D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125410:*:*:*:*:*:*",
"matchCriteriaId": "8CD6EB21-3DC6-47A7-939A-AA3C8EFE278F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125429:*:*:*:*:*:*",
"matchCriteriaId": "3A5911F7-7A45-499D-B345-D9C082932BBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125447:*:*:*:*:*:*",
"matchCriteriaId": "CBBD7A90-4F97-4DFD-B8E6-F24A9B72A1C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125459:*:*:*:*:*:*",
"matchCriteriaId": "87C6DCE0-5F40-4F50-8538-29CFF2DCC9EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125464:*:*:*:*:*:*",
"matchCriteriaId": "BECA9FA7-887B-4ECC-AA23-F75F96E42CB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125467:*:*:*:*:*:*",
"matchCriteriaId": "CFD6D448-337E-4A63-8BE2-4DFC50AE7413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125475:*:*:*:*:*:*",
"matchCriteriaId": "33F2625D-0750-4ED1-8BA7-8141D8B7FB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125482:*:*:*:*:*:*",
"matchCriteriaId": "A7D6DD58-62F3-4727-9AC1-E6B5EA71BB89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125483:*:*:*:*:*:*",
"matchCriteriaId": "33991587-174F-48D9-821D-BF44CF24924D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125484:*:*:*:*:*:*",
"matchCriteriaId": "18B8D15F-0286-4D64-96F8-D213E241813E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125485:*:*:*:*:*:*",
"matchCriteriaId": "EB8483C1-6586-4936-8BF8-ECE3F0F4D5F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125488:*:*:*:*:*:*",
"matchCriteriaId": "A9318551-C41F-46E9-A196-5C01EAE276F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125490:*:*:*:*:*:*",
"matchCriteriaId": "5030E129-0401-457B-B4FB-974AD5A0A948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125557:*:*:*:*:*:*",
"matchCriteriaId": "74DAFF5A-7090-427F-A69E-2E90456485C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125568:*:*:*:*:*:*",
"matchCriteriaId": "8EB26A23-108E-4F39-84E3-2F1C197C8CE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125582:*:*:*:*:*:*",
"matchCriteriaId": "DF57D557-B1B9-4B2E-81A5-B23C1A8521E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125605:*:*:*:*:*:*",
"matchCriteriaId": "E37E20B2-B678-45C1-9EF9-7D65172B485F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125606:*:*:*:*:*:*",
"matchCriteriaId": "722042FB-CFE5-4DE8-A196-65D2E035378F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125615:*:*:*:*:*:*",
"matchCriteriaId": "17CC4F0C-E69E-4FA5-8119-D71AD9C13E63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.5:build125621:*:*:*:*:*:*",
"matchCriteriaId": "B8DA03F6-8EF8-48E1-B4CF-A2B0CB6F1DEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50FB7952-0CED-4A64-A435-D588CA661630",
"versionEndExcluding": "12.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127000:*:*:*:*:*:*",
"matchCriteriaId": "8343B084-2009-44F2-B36C-C66719BBB1FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127101:*:*:*:*:*:*",
"matchCriteriaId": "2574DD71-36A4-47AE-ABC3-D05D36FF8F02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127130:*:*:*:*:*:*",
"matchCriteriaId": "B9D787C9-F37B-4193-A34F-080F7410BFA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127131:*:*:*:*:*:*",
"matchCriteriaId": "55FB4705-D709-42F0-A562-6C5A05E00EAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127187:*:*:*:*:*:*",
"matchCriteriaId": "4503E624-DC7F-4C5E-B715-0EC4676CA1ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "340D8561-6110-49D8-BCDC-78A762FCD3E6",
"versionEndExcluding": "12.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125000:*:*:*:*:*:*",
"matchCriteriaId": "C61E9B3D-A39D-428E-A82F-5C4C225906C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125108:*:*:*:*:*:*",
"matchCriteriaId": "423D3372-F910-4006-9FE8-49A6B730AEBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125109:*:*:*:*:*:*",
"matchCriteriaId": "02B0ED3C-4729-4C70-8F06-6B507ED75BEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125115:*:*:*:*:*:*",
"matchCriteriaId": "3CE0B4B2-CC4C-4F0F-B97E-A90C84377989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125120:*:*:*:*:*:*",
"matchCriteriaId": "DC2E4C62-9867-4D14-85B3-95F359BD0551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125122:*:*:*:*:*:*",
"matchCriteriaId": "5042AD90-4DF1-4A5A-9317-017102515284",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125125:*:*:*:*:*:*",
"matchCriteriaId": "356A4F91-FA5B-4A09-841E-A380F580BA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125129:*:*:*:*:*:*",
"matchCriteriaId": "CBBDC611-498B-4175-9A88-5914ED6D3A9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125141:*:*:*:*:*:*",
"matchCriteriaId": "10F3C9AD-9C1B-4FBD-8325-B56FCF96FFE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125149:*:*:*:*:*:*",
"matchCriteriaId": "F4EE5C24-C4AE-4F9D-B808-8930102A1389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125160:*:*:*:*:*:*",
"matchCriteriaId": "E0F45A48-5006-4748-B683-6C7CB469286A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125179:*:*:*:*:*:*",
"matchCriteriaId": "9796C62A-8FCA-4E1E-855E-7D67F77C9AD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125180:*:*:*:*:*:*",
"matchCriteriaId": "1A1AC2FD-91BA-4B78-BB14-B9F2CEB09071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125200:*:*:*:*:*:*",
"matchCriteriaId": "A4B99FDC-EC68-4006-B359-E845AEF72FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125212:*:*:*:*:*:*",
"matchCriteriaId": "240A8575-F963-4DB4-B9C6-BE584A2F8271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125213:*:*:*:*:*:*",
"matchCriteriaId": "B97F1BEE-F3C0-4DDD-B767-23C4BE9054AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125217:*:*:*:*:*:*",
"matchCriteriaId": "3B3482FA-9483-4EC7-9B09-E1BB63F02790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125232:*:*:*:*:*:*",
"matchCriteriaId": "2600FBC5-8358-4126-88F2-00F3BEE9B537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125323:*:*:*:*:*:*",
"matchCriteriaId": "FDD47CB0-3680-4ED9-821C-B673EACB953D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125329:*:*:*:*:*:*",
"matchCriteriaId": "D27B76C3-B8C8-48A6-AEF3-E9145B57EDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125357:*:*:*:*:*:*",
"matchCriteriaId": "6D77C576-035E-403B-A2B3-992496FAD202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125362:*:*:*:*:*:*",
"matchCriteriaId": "70608921-F02A-4121-BE90-919DD68DD0D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125376:*:*:*:*:*:*",
"matchCriteriaId": "93C50660-6ECF-4353-A15A-4F7B0F06D33A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125381:*:*:*:*:*:*",
"matchCriteriaId": "06D8864A-E6CC-4742-A2CF-B060E8DFA740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125393:*:*:*:*:*:*",
"matchCriteriaId": "D2572B3B-3BC4-4A83-92D5-8D7579821F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125399:*:*:*:*:*:*",
"matchCriteriaId": "0DD78F90-5231-4848-8971-9AB5ABBD2C33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125412:*:*:*:*:*:*",
"matchCriteriaId": "7C94C142-168F-421C-B00B-3F42AA1CC9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125429:*:*:*:*:*:*",
"matchCriteriaId": "77CE4835-6540-4CF6-A31C-255DA52BB073",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125447:*:*:*:*:*:*",
"matchCriteriaId": "E0544AE8-92B3-43A7-8F42-299AED1A40CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125450:*:*:*:*:*:*",
"matchCriteriaId": "BEC805D2-CFDC-40DE-AA70-42A91461BEE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125451:*:*:*:*:*:*",
"matchCriteriaId": "4767BF5A-B867-44BB-B152-E2AFA63B06D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125452:*:*:*:*:*:*",
"matchCriteriaId": "5855C471-07AB-4A96-9631-26C6C8B01F67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125453:*:*:*:*:*:*",
"matchCriteriaId": "5075910F-3676-439A-879A-5CBE2C734347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125455:*:*:*:*:*:*",
"matchCriteriaId": "20808F91-7F08-4BA9-9075-C54337EC68E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125456:*:*:*:*:*:*",
"matchCriteriaId": "C700CE3B-31B5-4B4D-A378-70EC26D6F88B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125459:*:*:*:*:*:*",
"matchCriteriaId": "A05AFF4D-4EF9-4939-81CC-0AB55DA596F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125464:*:*:*:*:*:*",
"matchCriteriaId": "86C3E31F-87E2-459F-8D1B-C6D1A237960D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125467:*:*:*:*:*:*",
"matchCriteriaId": "A3E7FC26-0000-4D4B-B489-DF0E2CD2B13C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125469:*:*:*:*:*:*",
"matchCriteriaId": "13E6E0F9-9D03-4665-9C89-6BE62ADCB39C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125471:*:*:*:*:*:*",
"matchCriteriaId": "0DE52003-E959-420F-89A1-C86D8FB12DBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125476:*:*:*:*:*:*",
"matchCriteriaId": "6E9C9051-7FDE-4DEE-85DC-0798524DC17A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125482:*:*:*:*:*:*",
"matchCriteriaId": "5BE3598F-CEB4-4553-BB50-AA778BBF8BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125483:*:*:*:*:*:*",
"matchCriteriaId": "4C71852D-D529-469A-9111-6D4DB8381BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125484:*:*:*:*:*:*",
"matchCriteriaId": "EC3F7DA9-3FBF-4D67-8BA5-2643E706F64F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125485:*:*:*:*:*:*",
"matchCriteriaId": "53E2DF01-9A39-4E50-BEDE-D49988CE5CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125488:*:*:*:*:*:*",
"matchCriteriaId": "0015664D-11BC-4DEE-BC5B-DB3D1FE8DF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125490:*:*:*:*:*:*",
"matchCriteriaId": "8B49F887-4574-4B3C-A8A7-57F75B27447F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125557:*:*:*:*:*:*",
"matchCriteriaId": "C1E93E4D-0E54-41DF-843A-E8AE94EAD0BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125566:*:*:*:*:*:*",
"matchCriteriaId": "1617ADAD-2E13-4910-B600-3EC7E59B087C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125568:*:*:*:*:*:*",
"matchCriteriaId": "4E7B4955-F688-47DE-B1FF-D417EBDFF9C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125582:*:*:*:*:*:*",
"matchCriteriaId": "5F982932-5513-411A-9CBF-3082C7ECEF0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125584:*:*:*:*:*:*",
"matchCriteriaId": "0B5378E9-D011-4B12-8DEE-442F22789C08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125585:*:*:*:*:*:*",
"matchCriteriaId": "8232CBA1-55DA-4F3C-A9E5-A204A25231C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125606:*:*:*:*:*:*",
"matchCriteriaId": "253569A5-4A2E-4163-88DC-C0FE6B79E06E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.5:build125615:*:*:*:*:*:*",
"matchCriteriaId": "A30281F3-4DE2-4ED3-91A7-AE7A091C31E1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9222E54C-0A7C-4828-9917-7CFD7EE8BC59",
"versionEndExcluding": "12.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127000:*:*:*:*:*:*",
"matchCriteriaId": "85778DB3-87D9-4C6A-9149-C58C45913268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127003:*:*:*:*:*:*",
"matchCriteriaId": "3973EC75-A70A-475A-82BB-409992F09392",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127101:*:*:*:*:*:*",
"matchCriteriaId": "14537D55-3ABE-423C-B320-6811292620AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127130:*:*:*:*:*:*",
"matchCriteriaId": "FCB0BDE0-5BD3-4315-A74B-D7065ABC91BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127131:*:*:*:*:*:*",
"matchCriteriaId": "3E850CF4-9078-4E43-A87C-8323536E8CD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127187:*:*:*:*:*:*",
"matchCriteriaId": "EC407852-45B1-47F4-A886-AF8B473A86D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB0C7A9-5511-4AC9-B5E4-74AAE6973E34",
"versionEndExcluding": "12.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125000:*:*:*:*:*:*",
"matchCriteriaId": "BDA5DDA4-A67C-4370-B41D-02755FCF1F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125108:*:*:*:*:*:*",
"matchCriteriaId": "3D99CD97-1D6B-4C67-A909-E1CE28A78E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125112:*:*:*:*:*:*",
"matchCriteriaId": "70FEC14F-A53C-437C-981A-214B867142E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125115:*:*:*:*:*:*",
"matchCriteriaId": "895E57EA-A8F6-425B-9D08-654E03B92B30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125116:*:*:*:*:*:*",
"matchCriteriaId": "9EE0C771-B2F6-4766-82FD-203967CE37D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125120:*:*:*:*:*:*",
"matchCriteriaId": "0DCD6102-19F7-42D2-A81B-C85824CA351D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125121:*:*:*:*:*:*",
"matchCriteriaId": "3C2C0A08-66BF-4FDC-A209-769234438844",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125125:*:*:*:*:*:*",
"matchCriteriaId": "8DDC3649-12A9-41F3-A27D-646B5DF05E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125129:*:*:*:*:*:*",
"matchCriteriaId": "4F037A2A-4B9A-4EBC-94E2-87502960FF20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125136:*:*:*:*:*:*",
"matchCriteriaId": "B15E99A3-989F-4EFD-BA26-DEC6992BD1CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125142:*:*:*:*:*:*",
"matchCriteriaId": "B85BF117-503B-435F-8667-481D9AC7A788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125149:*:*:*:*:*:*",
"matchCriteriaId": "3AC2A038-F59B-4137-B02F-4C26E2EB9152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125180:*:*:*:*:*:*",
"matchCriteriaId": "F605C78F-8BE4-4E02-A7FB-CA9D24AFE7E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125195:*:*:*:*:*:*",
"matchCriteriaId": "15557A07-E0E9-40DB-B013-0F4AD9556BD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125199:*:*:*:*:*:*",
"matchCriteriaId": "79082C84-9F25-4A63-86AF-18CC4ADF71CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125212:*:*:*:*:*:*",
"matchCriteriaId": "A88678CE-DB64-4D66-8F2A-3C60058DC5CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125213:*:*:*:*:*:*",
"matchCriteriaId": "88009BAC-1ECF-4BA3-855F-96C8789E476E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125216:*:*:*:*:*:*",
"matchCriteriaId": "E64F7B54-6B09-4B7E-B2AB-5EA73FD8E0AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125228:*:*:*:*:*:*",
"matchCriteriaId": "2B94DFD2-374C-47A9-9D54-3FDB63197FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125232:*:*:*:*:*:*",
"matchCriteriaId": "9B0330D9-1276-4228-BA7E-B9E3B828E5AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125233:*:*:*:*:*:*",
"matchCriteriaId": "89736956-D05D-437B-BC7A-850AA459C123",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125234:*:*:*:*:*:*",
"matchCriteriaId": "63B26424-7292-4F37-B86F-2A4E0AD32B85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125323:*:*:*:*:*:*",
"matchCriteriaId": "2D2629FB-0A83-43CC-8C83-444036D05F7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125325:*:*:*:*:*:*",
"matchCriteriaId": "4CFD99D1-CB43-437B-8E7D-6712DA5C9835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125327:*:*:*:*:*:*",
"matchCriteriaId": "6FEBA58F-E5B4-4B91-B78F-620C6EB9D3BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125329:*:*:*:*:*:*",
"matchCriteriaId": "F9F9D406-FE99-45C0-B1C0-4DEB5E843FE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125343:*:*:*:*:*:*",
"matchCriteriaId": "F4B86974-C598-4E1A-9FF0-5AF9638C1AD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125345:*:*:*:*:*:*",
"matchCriteriaId": "C2838623-6F3F-417A-A644-FA226CCD8BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125358:*:*:*:*:*:*",
"matchCriteriaId": "454EDD2A-E79A-4D46-B841-BE5EC12C63D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125362:*:*:*:*:*:*",
"matchCriteriaId": "1557A740-D19D-4220-9B3E-395EFCB86F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125363:*:*:*:*:*:*",
"matchCriteriaId": "9C7DB404-A5C7-4EDB-BCB2-079A41E31428",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125378:*:*:*:*:*:*",
"matchCriteriaId": "B738952C-DE7B-4C3D-85B9-ADBEDF007AFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125392:*:*:*:*:*:*",
"matchCriteriaId": "897D140C-20FF-454D-8928-B11FFC84C016",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125399:*:*:*:*:*:*",
"matchCriteriaId": "18F93D7C-E8FC-4D4C-AEA0-C1187FB6D9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125417:*:*:*:*:*:*",
"matchCriteriaId": "2E799367-7DC7-478D-948A-17D717507DC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125445:*:*:*:*:*:*",
"matchCriteriaId": "74A5591E-75A4-4ACA-9C34-4907D645AA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125459:*:*:*:*:*:*",
"matchCriteriaId": "0C67D5FC-5965-4AC1-80A5-931BE60B5E86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125465:*:*:*:*:*:*",
"matchCriteriaId": "139E25D9-A4C8-4041-ADF7-4618DFEEE8C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125469:*:*:*:*:*:*",
"matchCriteriaId": "6A65F3F7-45D3-49EB-9784-1F13FA2CBB0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125471:*:*:*:*:*:*",
"matchCriteriaId": "3795D2DE-622F-4C82-B133-0993A01AC1FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125475:*:*:*:*:*:*",
"matchCriteriaId": "C0DB9896-BC25-46E3-AA6F-496A442BE525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125482:*:*:*:*:*:*",
"matchCriteriaId": "CE56A949-74AC-4138-8AD3-31F5763860EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125483:*:*:*:*:*:*",
"matchCriteriaId": "4A3DB867-FD46-46EB-AEF0-2B6E79371AF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125485:*:*:*:*:*:*",
"matchCriteriaId": "7881FBB4-AC09-4EB9-B02F-3EA19237E095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125488:*:*:*:*:*:*",
"matchCriteriaId": "F391E432-98B8-4D97-8AD4-FB1A84FAF774",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125490:*:*:*:*:*:*",
"matchCriteriaId": "61D908B2-446E-48EC-9F6B-91E8BF0F6A38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125565:*:*:*:*:*:*",
"matchCriteriaId": "FD5F28B0-580E-4CD4-917A-496D35AD271A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125568:*:*:*:*:*:*",
"matchCriteriaId": "F0FC96AA-F2F4-4C35-8BF7-6318A2F624A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125583:*:*:*:*:*:*",
"matchCriteriaId": "6EA008F1-4E47-4753-8506-769B29AB5BA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125584:*:*:*:*:*:*",
"matchCriteriaId": "7ED68CDE-1096-4490-8E6B-78F4AC2BB729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125598:*:*:*:*:*:*",
"matchCriteriaId": "34F8D9B7-3BD7-44C0-A292-162928729F36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125606:*:*:*:*:*:*",
"matchCriteriaId": "ADFB3155-72F3-4DFA-BAE1-5725A40E6C8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125612:*:*:*:*:*:*",
"matchCriteriaId": "7446678C-E2DB-4EA2-BC9B-430C8EC7804B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125615:*:*:*:*:*:*",
"matchCriteriaId": "33C57314-5503-48BD-9ED2-D76517C9C0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.5:build125617:*:*:*:*:*:*",
"matchCriteriaId": "AC201C68-2C1D-4E75-9443-C5F853A37AB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6628EB7-96F6-48E3-8018-8F569972B811",
"versionEndExcluding": "12.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127000:*:*:*:*:*:*",
"matchCriteriaId": "B64ADEEB-502D-4588-BD80-156124437AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127102:*:*:*:*:*:*",
"matchCriteriaId": "2306C5F3-5413-4240-BAB6-E55849063A72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127105:*:*:*:*:*:*",
"matchCriteriaId": "87F97A9E-2AB3-4121-B5A7-0AA25780D336",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127132:*:*:*:*:*:*",
"matchCriteriaId": "AD049643-9546-4D39-BD26-79661205C110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8AEEB49-1C45-4B88-81C1-A1425B7E99A2",
"versionEndExcluding": "14.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.3:14300:*:*:*:*:*:*",
"matchCriteriaId": "E73FEA45-5AA3-4C49-91D3-E07A53E34515",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.3:14301:*:*:*:*:*:*",
"matchCriteriaId": "8CA65161-0C0B-45E7-BBEA-FA214DBF964B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.3:14302:*:*:*:*:*:*",
"matchCriteriaId": "9097C0CA-001B-4604-BCDB-ED28AB292CC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.3:14303:*:*:*:*:*:*",
"matchCriteriaId": "C7F15A64-F15C-43E4-890A-7FEB0614C6DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "378A2C19-6176-4E95-AB9C-B60A1F1A1E87",
"versionEndExcluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:7.0:7000:*:*:*:*:*:*",
"matchCriteriaId": "1E01D48C-A95F-421E-A6FA-D299D6BE02B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:7.0:7001:*:*:*:*:*:*",
"matchCriteriaId": "727BD3A4-F0E1-4656-A640-B32406324707",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:7.0:7002:*:*:*:*:*:*",
"matchCriteriaId": "AC812003-B383-4E52-B9D3-90F4B0633C90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:7.0:7003:*:*:*:*:*:*",
"matchCriteriaId": "E6BE678E-EC68-478F-A4E0-73E032C88167",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:7.0:7004:*:*:*:*:*:*",
"matchCriteriaId": "A5E373E7-9BB3-480F-A685-BAA7A9CD1BC7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE99DDEC-EA8D-4E15-A227-30B242611078",
"versionEndExcluding": "14.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:14.3:14300:*:*:*:*:*:*",
"matchCriteriaId": "52843587-34AD-4992-8E68-25CD02E247A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:14.3:14301:*:*:*:*:*:*",
"matchCriteriaId": "BC2FC98F-84FF-4C90-BD7C-20A4910BED44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:14.3:14302:*:*:*:*:*:*",
"matchCriteriaId": "9794CB33-4932-4AA6-AC8C-B9FB6AE233FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:14.3:14303:*:*:*:*:*:*",
"matchCriteriaId": "3CC0A1C9-2F24-422A-8478-95BDCE1EBE77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:14.3:14304:*:*:*:*:*:*",
"matchCriteriaId": "4E541BD1-3BB8-4807-BDF8-45B0916416D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_access_manager_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDF15FF-2561-4139-AC5E-4812584B1B03",
"versionEndExcluding": "4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_access_manager_plus:4.3:build4300:*:*:*:*:*:*",
"matchCriteriaId": "D5DEC045-6A7E-4041-88F8-5ABC4AB51C29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_access_manager_plus:4.3:build4301:*:*:*:*:*:*",
"matchCriteriaId": "52DDE5D9-28DE-446F-A402-7BE3C33A4B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_access_manager_plus:4.3:build4302:*:*:*:*:*:*",
"matchCriteriaId": "F6E1E4D8-B7F0-4BDB-B5A2-55436BEC85F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_access_manager_plus:4.3:build4303:*:*:*:*:*:*",
"matchCriteriaId": "59675CC4-8A5C-4668-908C-0886B4B310DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_access_manager_plus:4.3:build4304:*:*:*:*:*:*",
"matchCriteriaId": "45084336-F1DC-4E5B-A45E-506A779985D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_access_manager_plus:4.3:build4305:*:*:*:*:*:*",
"matchCriteriaId": "1B2CC071-5BB3-4A25-88F2-DBC56B94D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_access_manager_plus:4.3:build4306:*:*:*:*:*:*",
"matchCriteriaId": "E6FDF373-4711-4B72-A14E-CEB19301C40F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_access_manager_plus:4.3:build4307:*:*:*:*:*:*",
"matchCriteriaId": "0E0F346C-0445-4D38-8583-3379962B540F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_access_manager_plus:4.3:build4308:*:*:*:*:*:*",
"matchCriteriaId": "18B78BDC-0EAA-4781-8D62-01E47AA3BF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_access_manager_plus:4.3:build4309:*:*:*:*:*:*",
"matchCriteriaId": "A9EE7E99-B428-41EF-A693-7A316F695160",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4707D700-23C4-4BBD-9683-4E6D59989127",
"versionEndExcluding": "14.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:14.3:14300:*:*:*:*:*:*",
"matchCriteriaId": "39E8C9FE-3C1C-4E32-8BD4-14A88C49F587",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:14.3:14301:*:*:*:*:*:*",
"matchCriteriaId": "13A9F940-083E-451E-A330-877D67F617BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:14.3:14302:*:*:*:*:*:*",
"matchCriteriaId": "9FE925DF-55E6-4E7F-B5CD-F5ED097BBBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:14.3:14303:*:*:*:*:*:*",
"matchCriteriaId": "0031CF5C-78FE-4CB0-97CE-087C10A77EB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_pam360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1478BFC3-A0B2-415B-BA1C-AA09D9451C93",
"versionEndExcluding": "5.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_password_manager_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41B34AA8-294A-48A9-8579-44EB7EE192F3",
"versionEndExcluding": "12.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en varios productos ManageEngine que puede provocar la exposici\u00f3n de claves de cifrado. Un usuario de sistema operativo con pocos privilegios y acceso al host donde est\u00e1 instalado un producto ManageEngine afectado puede ver y utilizar la clave expuesta para descifrar las contrase\u00f1as de la base de datos del producto. Esto permite al usuario acceder a la base de datos del producto ManageEngine."
}
],
"id": "CVE-2023-6105",
"lastModified": "2025-02-13T18:16:03.270",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "vulnreport@tenable.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-15T21:15:08.490",
"references": [
{
"source": "vulnreport@tenable.com",
"url": "https://www.manageengine.com/security/advisory/CVE/CVE-2023-6105.html"
},
{
"source": "vulnreport@tenable.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2023-35"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.manageengine.com/security/advisory/CVE/CVE-2023-6105.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2023-35"
}
],
"sourceIdentifier": "vulnreport@tenable.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "vulnreport@tenable.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-08 15:15
Modified
2024-11-21 08:29
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Summary
A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| talos-cna@cisco.com | https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851 | Exploit, Third Party Advisory | |
| talos-cna@cisco.com | https://www.manageengine.com/itom/advisory/cve-2023-47211.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.manageengine.com/itom/advisory/cve-2023-47211.html | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50FB7952-0CED-4A64-A435-D588CA661630",
"versionEndExcluding": "12.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127000:*:*:*:*:*:*",
"matchCriteriaId": "8343B084-2009-44F2-B36C-C66719BBB1FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127101:*:*:*:*:*:*",
"matchCriteriaId": "2574DD71-36A4-47AE-ABC3-D05D36FF8F02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127130:*:*:*:*:*:*",
"matchCriteriaId": "B9D787C9-F37B-4193-A34F-080F7410BFA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127131:*:*:*:*:*:*",
"matchCriteriaId": "55FB4705-D709-42F0-A562-6C5A05E00EAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127187:*:*:*:*:*:*",
"matchCriteriaId": "4503E624-DC7F-4C5E-B715-0EC4676CA1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127244:*:*:*:*:*:*",
"matchCriteriaId": "BAD9E275-CCBA-4A25-A91D-2CC9D1547B74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127257:*:*:*:*:*:*",
"matchCriteriaId": "F50149D0-8105-49EE-9F0D-CFD67B0F64C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.7:build127259:*:*:*:*:*:*",
"matchCriteriaId": "E0DECCD8-2E8C-4288-8CB5-10C117D83112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9222E54C-0A7C-4828-9917-7CFD7EE8BC59",
"versionEndExcluding": "12.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127000:*:*:*:*:*:*",
"matchCriteriaId": "85778DB3-87D9-4C6A-9149-C58C45913268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127003:*:*:*:*:*:*",
"matchCriteriaId": "3973EC75-A70A-475A-82BB-409992F09392",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127101:*:*:*:*:*:*",
"matchCriteriaId": "14537D55-3ABE-423C-B320-6811292620AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127130:*:*:*:*:*:*",
"matchCriteriaId": "FCB0BDE0-5BD3-4315-A74B-D7065ABC91BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127131:*:*:*:*:*:*",
"matchCriteriaId": "3E850CF4-9078-4E43-A87C-8323536E8CD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127187:*:*:*:*:*:*",
"matchCriteriaId": "EC407852-45B1-47F4-A886-AF8B473A86D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127244:*:*:*:*:*:*",
"matchCriteriaId": "F528288A-7CC9-436C-9899-E4F343F83BCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127255:*:*:*:*:*:*",
"matchCriteriaId": "2C6E7D8F-8EF4-4FEF-BE87-82CFDD22DE2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127257:*:*:*:*:*:*",
"matchCriteriaId": "0BC6EA7D-E39F-4FE6-960D-BA6B85F81A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:12.7:build127259:*:*:*:*:*:*",
"matchCriteriaId": "BE0BFAB9-E3F3-493E-B2D3-FA9BE69C0A1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6628EB7-96F6-48E3-8018-8F569972B811",
"versionEndExcluding": "12.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127000:*:*:*:*:*:*",
"matchCriteriaId": "B64ADEEB-502D-4588-BD80-156124437AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127102:*:*:*:*:*:*",
"matchCriteriaId": "2306C5F3-5413-4240-BAB6-E55849063A72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127105:*:*:*:*:*:*",
"matchCriteriaId": "87F97A9E-2AB3-4121-B5A7-0AA25780D336",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127132:*:*:*:*:*:*",
"matchCriteriaId": "AD049643-9546-4D39-BD26-79661205C110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127243:*:*:*:*:*:*",
"matchCriteriaId": "EC810ED9-125E-41CA-B0BD-16BBF1726C3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127257:*:*:*:*:*:*",
"matchCriteriaId": "97B71808-B280-4BDC-819F-B80156A77CA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:12.7:build127259:*:*:*:*:*:*",
"matchCriteriaId": "F5458B6F-1D90-4563-A783-93480FB628DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93A02A7E-02A8-4B74-AA9F-3DA0492748EF",
"versionEndExcluding": "12.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127000:*:*:*:*:*:*",
"matchCriteriaId": "24B04D73-0C55-49A8-B599-27C8C04948C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127001:*:*:*:*:*:*",
"matchCriteriaId": "97E74846-1666-4773-910D-77E0E19A7FCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127002:*:*:*:*:*:*",
"matchCriteriaId": "BB90B809-9D97-469F-B8F6-41B4AEAA2D3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127003:*:*:*:*:*:*",
"matchCriteriaId": "423C8618-9F3B-4B83-902C-FF01027EC54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127004:*:*:*:*:*:*",
"matchCriteriaId": "7E974B56-7A00-4582-AF8B-0D09B94477BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127100:*:*:*:*:*:*",
"matchCriteriaId": "7B6F8404-F624-41AA-BE8D-170D843EC290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127101:*:*:*:*:*:*",
"matchCriteriaId": "D0FF81E5-2134-4F45-9B39-2E3D5208BB80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127102:*:*:*:*:*:*",
"matchCriteriaId": "0D5DA95F-7C0F-4D05-BD35-DED356D01692",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127103:*:*:*:*:*:*",
"matchCriteriaId": "2B3A3EC3-DF7C-41A6-884C-C7C13D41B61E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127104:*:*:*:*:*:*",
"matchCriteriaId": "89EE3E31-8F55-4E44-8522-A32D6887AE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127109:*:*:*:*:*:*",
"matchCriteriaId": "979ED7B4-FAE3-4E98-A303-290E498FFD81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127116:*:*:*:*:*:*",
"matchCriteriaId": "EDC62E2F-AB97-4008-A52B-9CDC341A06BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127117:*:*:*:*:*:*",
"matchCriteriaId": "93DF7023-22AE-4A84-8734-06239013C10C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127118:*:*:*:*:*:*",
"matchCriteriaId": "2A128BED-75FA-42F1-9171-CBAEAA2366A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127119:*:*:*:*:*:*",
"matchCriteriaId": "5298BB50-8E22-490A-87C7-7F40B7F8F7C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127120:*:*:*:*:*:*",
"matchCriteriaId": "39C34F02-E413-4067-B958-86ADF89FA3AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127122:*:*:*:*:*:*",
"matchCriteriaId": "A0673E69-A2DB-424C-BBF0-79D729230F1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127123:*:*:*:*:*:*",
"matchCriteriaId": "4F062A20-6FFE-479B-9E64-E4771490B041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127131:*:*:*:*:*:*",
"matchCriteriaId": "C598244E-7483-4762-AC27-BD8036FEFE5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127133:*:*:*:*:*:*",
"matchCriteriaId": "B188A792-EF1A-4292-BD91-47635706C430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127134:*:*:*:*:*:*",
"matchCriteriaId": "BEFACD7A-D81B-4EDC-9E38-FD93FA0DE456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127136:*:*:*:*:*:*",
"matchCriteriaId": "DF818138-079A-43BE-A8B5-5DA47FA443AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127138:*:*:*:*:*:*",
"matchCriteriaId": "27066A8F-75C4-42BF-A54B-543114B92995",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127140:*:*:*:*:*:*",
"matchCriteriaId": "A239C6F8-3FC0-4510-B33F-14B25908E68F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127141:*:*:*:*:*:*",
"matchCriteriaId": "E8399E84-1344-4472-91F3-F63255911876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127185:*:*:*:*:*:*",
"matchCriteriaId": "8888C77E-04A7-4C34-B497-504F6217E07B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127186:*:*:*:*:*:*",
"matchCriteriaId": "7502D92A-3B51-4A76-88D6-E2D76A584075",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127187:*:*:*:*:*:*",
"matchCriteriaId": "7E465A5F-C8B0-4AD0-8D6D-4823C5F8153D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127188:*:*:*:*:*:*",
"matchCriteriaId": "DBA622D6-CD85-4F0F-8CC3-39FE29754039",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127189:*:*:*:*:*:*",
"matchCriteriaId": "A0D2828B-B897-4F1D-B657-436DB3CAC2FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127191:*:*:*:*:*:*",
"matchCriteriaId": "98279B6E-8361-45CA-8912-F06972F4BD1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127240:*:*:*:*:*:*",
"matchCriteriaId": "A7D879C8-E89F-45C1-9609-80B737080AFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127241:*:*:*:*:*:*",
"matchCriteriaId": "3D8FD2DE-18D9-4F50-9256-672435059876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127242:*:*:*:*:*:*",
"matchCriteriaId": "F01FEA58-BE5B-4CEC-831D-3BF05A20688D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127243:*:*:*:*:*:*",
"matchCriteriaId": "FFD06A39-E943-41B5-B00B-168A6D919C80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127255:*:*:*:*:*:*",
"matchCriteriaId": "49469309-8B9B-4BF1-B80A-226F975FC47C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127256:*:*:*:*:*:*",
"matchCriteriaId": "C429A23E-3DC0-453F-AAF7-F3237C9C6B6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127257:*:*:*:*:*:*",
"matchCriteriaId": "1E3B72F3-2128-4AF1-A9A3-969D9738A24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127258:*:*:*:*:*:*",
"matchCriteriaId": "62C3AE7F-3F84-4C59-BBF8-2E82FAFF7E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.7:build127259:*:*:*:*:*:*",
"matchCriteriaId": "A559F75B-FB71-4926-89FC-AC2718F0273C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4FB8882-46AE-485B-82B5-67BF22DDC12C",
"versionEndExcluding": "12.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127109:*:*:*:*:*:*",
"matchCriteriaId": "265DB862-1B39-4B16-9AD9-D8D8190D08D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127122:*:*:*:*:*:*",
"matchCriteriaId": "5F476D22-0FA8-4128-833F-2F1E3D15615C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127123:*:*:*:*:*:*",
"matchCriteriaId": "A627EFBE-A429-42B8-A461-A7E1CDBBF796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127138:*:*:*:*:*:*",
"matchCriteriaId": "622CDD01-6655-4786-AFB0-C1C2F5D5E0BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127139:*:*:*:*:*:*",
"matchCriteriaId": "BDCDF5A9-ACA3-40CE-B163-F8AA7C028A69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127140:*:*:*:*:*:*",
"matchCriteriaId": "5AA4A73B-B9E4-4B69-973E-A2F713037E4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127141:*:*:*:*:*:*",
"matchCriteriaId": "DA91290A-E4E0-412D-B5B7-C220B0F3087B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127142:*:*:*:*:*:*",
"matchCriteriaId": "0DCF4289-B176-4AEA-8860-9C81F15BFFB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_msp:12.7:build127259:*:*:*:*:*:*",
"matchCriteriaId": "1CA0315F-27AE-4A5A-A05A-33A876B9C314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7201B73-EB6C-4233-A8BF-CA5EE2DF6C73",
"versionEndExcluding": "12.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127109:*:*:*:*:*:*",
"matchCriteriaId": "5AF53EDA-45A9-424F-937A-44C7FF7299F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127122:*:*:*:*:*:*",
"matchCriteriaId": "C70F7D66-975A-4341-97E7-E6ED80A9F314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127123:*:*:*:*:*:*",
"matchCriteriaId": "43D72341-8C61-4D07-BBFE-D611B41A511C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127138:*:*:*:*:*:*",
"matchCriteriaId": "9BC8DCA0-FFC1-4487-8452-E6ED8A9C5A48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127139:*:*:*:*:*:*",
"matchCriteriaId": "5FEDB823-5D06-4C65-9042-D99982395892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127140:*:*:*:*:*:*",
"matchCriteriaId": "18EF9B8C-F8DD-455E-BE93-80EB83374084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127141:*:*:*:*:*:*",
"matchCriteriaId": "89575D64-5969-4C11-8AC1-B48CA97A0558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127142:*:*:*:*:*:*",
"matchCriteriaId": "E115A1C7-23CF-4E61-BC85-8B0884CE5BC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.7:build127259:*:*:*:*:*:*",
"matchCriteriaId": "258C790F-F7FE-4071-BAC2-45AB3D2212FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1DA3A9-36FB-4BCA-AEEC-231A2C3127D0",
"versionEndExcluding": "12.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127101:*:*:*:*:*:*",
"matchCriteriaId": "0BA30C26-D3D8-447C-BD7A-9BC166C8BF3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127117:*:*:*:*:*:*",
"matchCriteriaId": "162E0203-17E1-427E-A351-33F75E8FE5A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127134:*:*:*:*:*:*",
"matchCriteriaId": "61FB54BF-7A8F-4EE5-AF42-15E2B69E9DE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127241:*:*:*:*:*:*",
"matchCriteriaId": "764139C9-FF6A-4BE0-BAF3-52F403C41393",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127242:*:*:*:*:*:*",
"matchCriteriaId": "3D9805F6-1A56-4FBF-8F47-DAA80E4DE9FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127258:*:*:*:*:*:*",
"matchCriteriaId": "0458F47B-0456-4005-9AB8-8183C3D1EBAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_oputils:12.7:build127259:*:*:*:*:*:*",
"matchCriteriaId": "266773C9-96A6-4588-A781-AE1C34B247D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de directory traversal en la funcionalidad uploadMib de ManageEngine OpManager 12.7.258. Una solicitud HTTP especialmente manipulada puede dar lugar a la creaci\u00f3n de archivos arbitrarios. Un atacante puede enviar un archivo MiB malicioso para desencadenar esta vulnerabilidad."
}
],
"id": "CVE-2023-47211",
"lastModified": "2024-11-21T08:29:57.783",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 5.3,
"source": "talos-cna@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-08T15:15:25.287",
"references": [
{
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851"
},
{
"source": "talos-cna@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html"
}
],
"sourceIdentifier": "talos-cna@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "talos-cna@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-07 19:29
Modified
2024-11-21 04:48
Severity ?
Summary
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the autorefTime or graphTypes parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://seclists.org/fulldisclosure/2019/Feb/29 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Feb/29 | Exploit, Mailing List, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zohocorp | manageengine_netflow_analyzer | 7.0.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:7.0.0.2:*:*:*:professional:*:*:*",
"matchCriteriaId": "E8A06D7A-579E-40E2-9E31-8127E90869FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone \"/netflow/jspui/linkdownalertConfig.jsp\" file in the autorefTime or graphTypes parameter."
},
{
"lang": "es",
"value": "XSS en Zoho ManageEngine Netflow Analyzer Professional v7.0.0.0.2 en el archivo \"/netflow/jspui/linkdownalertConfig.jsp\" del par\u00e1metro autorefTime o graphTypes."
}
],
"id": "CVE-2019-7427",
"lastModified": "2024-11-21T04:48:12.680",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-07T19:29:01.317",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2022-38772
Vulnerability from cvelistv5
Published
2022-08-29 20:21
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature.
References
| ▼ | URL | Tags |
|---|---|---|
| https://manageengine.com | x_refsource_MISC | |
| https://www.manageengine.com/itom/advisory/cve-2022-38772.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:02:14.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://manageengine.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.manageengine.com/itom/advisory/cve-2022-38772.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-29T20:21:57",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://manageengine.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.manageengine.com/itom/advisory/cve-2022-38772.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-38772",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://manageengine.com",
"refsource": "MISC",
"url": "https://manageengine.com"
},
{
"name": "https://www.manageengine.com/itom/advisory/cve-2022-38772.html",
"refsource": "MISC",
"url": "https://www.manageengine.com/itom/advisory/cve-2022-38772.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-38772",
"datePublished": "2022-08-29T20:21:57",
"dateReserved": "2022-08-25T00:00:00",
"dateUpdated": "2024-08-03T11:02:14.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4418
Vulnerability from cvelistv5
Published
2015-06-09 00:00
Modified
2024-08-06 06:11
Severity ?
EPSS score ?
Summary
Zoho NetFlow Analyzer build 10250 and earlier does not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1032516 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/75068 | vdb-entry, x_refsource_BID | |
| https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:11:12.999Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032516",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032516"
},
{
"name": "75068",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75068"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Zoho NetFlow Analyzer build 10250 and earlier does not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1032516",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032516"
},
{
"name": "75068",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75068"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4418",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zoho NetFlow Analyzer build 10250 and earlier does not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032516",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032516"
},
{
"name": "75068",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75068"
},
{
"name": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250",
"refsource": "CONFIRM",
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-4418",
"datePublished": "2015-06-09T00:00:00",
"dateReserved": "2015-06-08T00:00:00",
"dateUpdated": "2024-08-06T06:11:12.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-7422
Vulnerability from cvelistv5
Published
2019-03-17 20:00
Modified
2024-08-04 20:46
Severity ?
EPSS score ?
Summary
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/addMailSettings.jsp" file in the gF parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html | x_refsource_MISC | |
| https://www.manageengine.com/products/netflow/?doc | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2019/Feb/29 | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:46:46.199Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"name": "20190206 [CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426, CVE-2019-7427] Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone \"/netflow/jspui/addMailSettings.jsp\" file in the gF parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-17T20:00:59",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"name": "20190206 [CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426, CVE-2019-7427] Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7422",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone \"/netflow/jspui/addMailSettings.jsp\" file in the gF parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"name": "https://www.manageengine.com/products/netflow/?doc",
"refsource": "MISC",
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"name": "20190206 [CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426, CVE-2019-7427] Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-7422",
"datePublished": "2019-03-17T20:00:59",
"dateReserved": "2019-02-05T00:00:00",
"dateUpdated": "2024-08-04T20:46:46.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-36923
Vulnerability from cvelistv5
Published
2022-08-10 14:17
Modified
2024-08-03 10:14
Severity ?
EPSS score ?
Summary
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user's API key, and then access external APIs.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.manageengine.com/itom/advisory/cve-2022-36923.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:14:29.360Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.manageengine.com/itom/advisory/cve-2022-36923.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user\u0027s API key, and then access external APIs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-10T14:17:09",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.manageengine.com/itom/advisory/cve-2022-36923.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-36923",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user\u0027s API key, and then access external APIs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.manageengine.com/itom/advisory/cve-2022-36923.html",
"refsource": "MISC",
"url": "https://www.manageengine.com/itom/advisory/cve-2022-36923.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-36923",
"datePublished": "2022-08-10T14:17:09",
"dateReserved": "2022-07-27T00:00:00",
"dateUpdated": "2024-08-03T10:14:29.360Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-7424
Vulnerability from cvelistv5
Published
2019-03-17 20:06
Modified
2024-08-04 20:46
Severity ?
EPSS score ?
Summary
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/index.jsp" file in the view GET parameter or any of these POST parameters: autorefTime, section, snapshot, viewOpt, viewAll, view, or groupSelName. The latter is related to CVE-2009-3903.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html | x_refsource_MISC | |
| https://www.manageengine.com/products/netflow/?doc | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2019/Feb/29 | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:46:46.223Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"name": "20190206 [CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426, CVE-2019-7427] Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone \"/netflow/jspui/index.jsp\" file in the view GET parameter or any of these POST parameters: autorefTime, section, snapshot, viewOpt, viewAll, view, or groupSelName. The latter is related to CVE-2009-3903."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-17T20:06:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"name": "20190206 [CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426, CVE-2019-7427] Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7424",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone \"/netflow/jspui/index.jsp\" file in the view GET parameter or any of these POST parameters: autorefTime, section, snapshot, viewOpt, viewAll, view, or groupSelName. The latter is related to CVE-2009-3903."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"name": "https://www.manageengine.com/products/netflow/?doc",
"refsource": "MISC",
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"name": "20190206 [CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426, CVE-2019-7427] Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-7424",
"datePublished": "2019-03-17T20:06:07",
"dateReserved": "2019-02-05T00:00:00",
"dateUpdated": "2024-08-04T20:46:46.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-8926
Vulnerability from cvelistv5
Published
2019-05-17 13:57
Modified
2024-08-04 21:31
Severity ?
EPSS score ?
Summary
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/popup1.jsp file via these GET parameters: bussAlert, customDev, and selSource.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html | x_refsource_MISC | |
| https://www.manageengine.com/products/netflow/?doc | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2019/Feb/45 | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/46425/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:31:37.564Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46425/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/popup1.jsp file via these GET parameters: bussAlert, customDev, and selSource."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-17T13:57:39",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exploit-db.com/exploits/46425/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8926",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/popup1.jsp file via these GET parameters: bussAlert, customDev, and selSource."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"name": "https://www.manageengine.com/products/netflow/?doc",
"refsource": "MISC",
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"name": "http://seclists.org/fulldisclosure/2019/Feb/45",
"refsource": "MISC",
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
},
{
"name": "https://www.exploit-db.com/exploits/46425/",
"refsource": "MISC",
"url": "https://www.exploit-db.com/exploits/46425/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-8926",
"datePublished": "2019-05-17T13:57:40",
"dateReserved": "2019-02-18T00:00:00",
"dateUpdated": "2024-08-04T21:31:37.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-37024
Vulnerability from cvelistv5
Published
2022-08-09 15:15
Modified
2024-08-03 10:21
Severity ?
EPSS score ?
Summary
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.manageengine.com/itom/advisory/cve-2022-37024.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.557Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.manageengine.com/itom/advisory/cve-2022-37024.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-09T15:15:36",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.manageengine.com/itom/advisory/cve-2022-37024.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-37024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.manageengine.com/itom/advisory/cve-2022-37024.html",
"refsource": "MISC",
"url": "https://www.manageengine.com/itom/advisory/cve-2022-37024.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-37024",
"datePublished": "2022-08-09T15:15:36",
"dateReserved": "2022-07-29T00:00:00",
"dateUpdated": "2024-08-03T10:21:32.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2961
Vulnerability from cvelistv5
Published
2015-06-09 00:00
Modified
2024-08-06 05:32
Severity ?
EPSS score ?
Summary
Cross-site request forgery (CSRF) vulnerability in Zoho NetFlow Analyzer build 10250 and earlier allows remote attackers to hijack the authentication of administrators.
References
| ▼ | URL | Tags |
|---|---|---|
| http://jvn.jp/en/jp/JVN79284156/index.html | third-party-advisory, x_refsource_JVN | |
| http://www.securitytracker.com/id/1032516 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/75067 | vdb-entry, x_refsource_BID | |
| http://jvndb.jvn.jp/jvndb/JVNDB-2015-000076 | third-party-advisory, x_refsource_JVNDB | |
| https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:32:21.062Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#79284156",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN79284156/index.html"
},
{
"name": "1032516",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032516"
},
{
"name": "75067",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75067"
},
{
"name": "JVNDB-2015-000076",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000076"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in Zoho NetFlow Analyzer build 10250 and earlier allows remote attackers to hijack the authentication of administrators."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#79284156",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN79284156/index.html"
},
{
"name": "1032516",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032516"
},
{
"name": "75067",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75067"
},
{
"name": "JVNDB-2015-000076",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000076"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2015-2961",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in Zoho NetFlow Analyzer build 10250 and earlier allows remote attackers to hijack the authentication of administrators."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#79284156",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN79284156/index.html"
},
{
"name": "1032516",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032516"
},
{
"name": "75067",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75067"
},
{
"name": "JVNDB-2015-000076",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000076"
},
{
"name": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250",
"refsource": "CONFIRM",
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2015-2961",
"datePublished": "2015-06-09T00:00:00",
"dateReserved": "2015-04-07T00:00:00",
"dateUpdated": "2024-08-06T05:32:21.062Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-8928
Vulnerability from cvelistv5
Published
2019-05-17 14:08
Modified
2024-08-04 21:31
Severity ?
EPSS score ?
Summary
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in /netflow/jspui/userManagementForm.jsp via these GET parameters: authMeth, passWord, pwd1, and userName.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/46425/ | exploit, x_refsource_EXPLOIT-DB | |
| https://www.manageengine.com/products/netflow/?doc | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2019/Feb/45 | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:31:37.496Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"name": "46425",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46425/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"name": "20190119 [CVE-2019-8925 to CVE-2019-8929] Path traversal and Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in /netflow/jspui/userManagementForm.jsp via these GET parameters: authMeth, passWord, pwd1, and userName."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-17T14:08:31",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"name": "46425",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46425/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"name": "20190119 [CVE-2019-8925 to CVE-2019-8929] Path traversal and Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8928",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in /netflow/jspui/userManagementForm.jsp via these GET parameters: authMeth, passWord, pwd1, and userName."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"name": "46425",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46425/"
},
{
"name": "https://www.manageengine.com/products/netflow/?doc",
"refsource": "MISC",
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"name": "20190119 [CVE-2019-8925 to CVE-2019-8929] Path traversal and Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-8928",
"datePublished": "2019-05-17T14:08:31",
"dateReserved": "2019-02-18T00:00:00",
"dateUpdated": "2024-08-04T21:31:37.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-6105
Vulnerability from cvelistv5
Published
2023-11-15 20:57
Modified
2025-02-13 17:26
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | ManageEngine | Service Desk Plus |
Version: 0 < 14304 |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:21:17.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2023-35"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.manageengine.com/security/advisory/CVE/CVE-2023-6105.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Service Desk Plus",
"vendor": "ManageEngine",
"versions": [
{
"lessThan": "14304",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Asset Explorer",
"vendor": "ManageEngine",
"versions": [
{
"lessThan": "7004",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Access Manager Plus",
"vendor": "ManageEngine",
"versions": [
{
"lessThan": "14304",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database.\u003cbr\u003e"
}
],
"value": "An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database."
}
],
"impacts": [
{
"capecId": "CAPEC-176",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-176 Configuration/Environment Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-26T19:58:04.015Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"url": "https://www.tenable.com/security/research/tra-2023-35"
},
{
"url": "https://www.manageengine.com/security/advisory/CVE/CVE-2023-6105.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "ManageEngine Information Disclosure in Multiple Products",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2023-6105",
"datePublished": "2023-11-15T20:57:47.981Z",
"dateReserved": "2023-11-13T15:10:28.339Z",
"dateUpdated": "2025-02-13T17:26:03.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-5445
Vulnerability from cvelistv5
Published
2014-12-04 17:00
Modified
2024-08-06 11:41
Severity ?
EPSS score ?
Summary
Multiple absolute path traversal vulnerabilities in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allow remote attackers or remote authenticated users to read arbitrary files via a full pathname in the schFilePath parameter to the (1) CSVServlet or (2) CReportPDFServlet servlet.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.zoho.com/portal/manageengine/helpcenter/articles/cve-2014-5445-cve-2014-5446-fix-for-arbitrary-file-download | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/99045 | vdb-entry, x_refsource_XF | |
| http://packetstormsecurity.com/files/129336/ManageEngine-Netflow-Analyzer-IT360-File-Download.html | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/534141/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/71404 | vdb-entry, x_refsource_BID | |
| https://github.com/rapid7/metasploit-framework/pull/4282 | x_refsource_MISC | |
| https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_netflow_it360_file_dl.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/534122/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://seclists.org/fulldisclosure/2014/Dec/9 | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:41:49.073Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/cve-2014-5445-cve-2014-5446-fix-for-arbitrary-file-download"
},
{
"name": "netflow-cve20145445-dir-traversal(99045)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99045"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/129336/ManageEngine-Netflow-Analyzer-IT360-File-Download.html"
},
{
"name": "20141203 Re: [The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/534141/100/0/threaded"
},
{
"name": "71404",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71404"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rapid7/metasploit-framework/pull/4282"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_netflow_it360_file_dl.txt"
},
{
"name": "20141130 [The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/534122/100/0/threaded"
},
{
"name": "20141203 [The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-11-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple absolute path traversal vulnerabilities in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allow remote attackers or remote authenticated users to read arbitrary files via a full pathname in the schFilePath parameter to the (1) CSVServlet or (2) CReportPDFServlet servlet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/cve-2014-5445-cve-2014-5446-fix-for-arbitrary-file-download"
},
{
"name": "netflow-cve20145445-dir-traversal(99045)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99045"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/129336/ManageEngine-Netflow-Analyzer-IT360-File-Download.html"
},
{
"name": "20141203 Re: [The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/534141/100/0/threaded"
},
{
"name": "71404",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71404"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rapid7/metasploit-framework/pull/4282"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_netflow_it360_file_dl.txt"
},
{
"name": "20141130 [The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/534122/100/0/threaded"
},
{
"name": "20141203 [The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/9"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5445",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple absolute path traversal vulnerabilities in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allow remote attackers or remote authenticated users to read arbitrary files via a full pathname in the schFilePath parameter to the (1) CSVServlet or (2) CReportPDFServlet servlet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.zoho.com/portal/manageengine/helpcenter/articles/cve-2014-5445-cve-2014-5446-fix-for-arbitrary-file-download",
"refsource": "CONFIRM",
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/cve-2014-5445-cve-2014-5446-fix-for-arbitrary-file-download"
},
{
"name": "netflow-cve20145445-dir-traversal(99045)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99045"
},
{
"name": "http://packetstormsecurity.com/files/129336/ManageEngine-Netflow-Analyzer-IT360-File-Download.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/129336/ManageEngine-Netflow-Analyzer-IT360-File-Download.html"
},
{
"name": "20141203 Re: [The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534141/100/0/threaded"
},
{
"name": "71404",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71404"
},
{
"name": "https://github.com/rapid7/metasploit-framework/pull/4282",
"refsource": "MISC",
"url": "https://github.com/rapid7/metasploit-framework/pull/4282"
},
{
"name": "https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_netflow_it360_file_dl.txt",
"refsource": "MISC",
"url": "https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_netflow_it360_file_dl.txt"
},
{
"name": "20141130 [The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534122/100/0/threaded"
},
{
"name": "20141203 [The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Dec/9"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-5445",
"datePublished": "2014-12-04T17:00:00",
"dateReserved": "2014-08-25T00:00:00",
"dateUpdated": "2024-08-06T11:41:49.073Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-5446
Vulnerability from cvelistv5
Published
2014-12-04 17:00
Modified
2024-08-06 11:41
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in the DisplayChartPDF servlet in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allows remote attackers and remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/99046 | vdb-entry, x_refsource_XF | |
| https://support.zoho.com/portal/manageengine/helpcenter/articles/cve-2014-5445-cve-2014-5446-fix-for-arbitrary-file-download | x_refsource_CONFIRM | |
| http://packetstormsecurity.com/files/129336/ManageEngine-Netflow-Analyzer-IT360-File-Download.html | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/534141/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/71404 | vdb-entry, x_refsource_BID | |
| https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_netflow_it360_file_dl.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/534122/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://seclists.org/fulldisclosure/2014/Dec/9 | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:41:49.185Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netflow-cve20145446-dir-traversal(99046)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99046"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/cve-2014-5445-cve-2014-5446-fix-for-arbitrary-file-download"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/129336/ManageEngine-Netflow-Analyzer-IT360-File-Download.html"
},
{
"name": "20141203 Re: [The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/534141/100/0/threaded"
},
{
"name": "71404",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71404"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_netflow_it360_file_dl.txt"
},
{
"name": "20141130 [The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/534122/100/0/threaded"
},
{
"name": "20141203 [The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-11-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the DisplayChartPDF servlet in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allows remote attackers and remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netflow-cve20145446-dir-traversal(99046)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99046"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/cve-2014-5445-cve-2014-5446-fix-for-arbitrary-file-download"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/129336/ManageEngine-Netflow-Analyzer-IT360-File-Download.html"
},
{
"name": "20141203 Re: [The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/534141/100/0/threaded"
},
{
"name": "71404",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71404"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_netflow_it360_file_dl.txt"
},
{
"name": "20141130 [The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/534122/100/0/threaded"
},
{
"name": "20141203 [The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/9"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5446",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the DisplayChartPDF servlet in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allows remote attackers and remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netflow-cve20145446-dir-traversal(99046)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99046"
},
{
"name": "https://support.zoho.com/portal/manageengine/helpcenter/articles/cve-2014-5445-cve-2014-5446-fix-for-arbitrary-file-download",
"refsource": "CONFIRM",
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/cve-2014-5445-cve-2014-5446-fix-for-arbitrary-file-download"
},
{
"name": "http://packetstormsecurity.com/files/129336/ManageEngine-Netflow-Analyzer-IT360-File-Download.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/129336/ManageEngine-Netflow-Analyzer-IT360-File-Download.html"
},
{
"name": "20141203 Re: [The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534141/100/0/threaded"
},
{
"name": "71404",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71404"
},
{
"name": "https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_netflow_it360_file_dl.txt",
"refsource": "MISC",
"url": "https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_netflow_it360_file_dl.txt"
},
{
"name": "20141130 [The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534122/100/0/threaded"
},
{
"name": "20141203 [The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Dec/9"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-5446",
"datePublished": "2014-12-04T17:00:00",
"dateReserved": "2014-08-25T00:00:00",
"dateUpdated": "2024-08-06T11:41:49.185Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-12133
Vulnerability from cvelistv5
Published
2019-06-18 21:27
Modified
2024-08-04 23:10
Severity ?
EPSS score ?
Summary
Multiple Zoho ManageEngine products suffer from local privilege escalation due to improper permissions for the %SYSTEMDRIVE%\ManageEngine directory and its sub-folders. Moreover, the services associated with said products try to execute binaries such as sc.exe from the current directory upon system start. This will effectively allow non-privileged users to escalate privileges to NT AUTHORITY\SYSTEM. This affects Desktop Central 10.0.380, EventLog Analyzer 12.0.2, ServiceDesk Plus 10.0.0, SupportCenter Plus 8.1, O365 Manager Plus 4.0, Mobile Device Manager Plus 9.0.0, Patch Connect Plus 9.0.0, Vulnerability Manager Plus 9.0.0, Patch Manager Plus 9.0.0, OpManager 12.3, NetFlow Analyzer 11.0, OpUtils 11.0, Network Configuration Manager 11.0, FireWall 12.0, Key Manager Plus 5.6, Password Manager Pro 9.9, Analytics Plus 1.0, and Browser Security Plus.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.manageengine.com/products/desktop-central/elevation-of-privilege-vulnerability.html | x_refsource_CONFIRM | |
| https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-007.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:10:30.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.manageengine.com/products/desktop-central/elevation-of-privilege-vulnerability.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-007.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-04-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple Zoho ManageEngine products suffer from local privilege escalation due to improper permissions for the %SYSTEMDRIVE%\\ManageEngine directory and its sub-folders. Moreover, the services associated with said products try to execute binaries such as sc.exe from the current directory upon system start. This will effectively allow non-privileged users to escalate privileges to NT AUTHORITY\\SYSTEM. This affects Desktop Central 10.0.380, EventLog Analyzer 12.0.2, ServiceDesk Plus 10.0.0, SupportCenter Plus 8.1, O365 Manager Plus 4.0, Mobile Device Manager Plus 9.0.0, Patch Connect Plus 9.0.0, Vulnerability Manager Plus 9.0.0, Patch Manager Plus 9.0.0, OpManager 12.3, NetFlow Analyzer 11.0, OpUtils 11.0, Network Configuration Manager 11.0, FireWall 12.0, Key Manager Plus 5.6, Password Manager Pro 9.9, Analytics Plus 1.0, and Browser Security Plus."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-18T18:00:42",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.manageengine.com/products/desktop-central/elevation-of-privilege-vulnerability.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-007.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12133",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple Zoho ManageEngine products suffer from local privilege escalation due to improper permissions for the %SYSTEMDRIVE%\\ManageEngine directory and its sub-folders. Moreover, the services associated with said products try to execute binaries such as sc.exe from the current directory upon system start. This will effectively allow non-privileged users to escalate privileges to NT AUTHORITY\\SYSTEM. This affects Desktop Central 10.0.380, EventLog Analyzer 12.0.2, ServiceDesk Plus 10.0.0, SupportCenter Plus 8.1, O365 Manager Plus 4.0, Mobile Device Manager Plus 9.0.0, Patch Connect Plus 9.0.0, Vulnerability Manager Plus 9.0.0, Patch Manager Plus 9.0.0, OpManager 12.3, NetFlow Analyzer 11.0, OpUtils 11.0, Network Configuration Manager 11.0, FireWall 12.0, Key Manager Plus 5.6, Password Manager Pro 9.9, Analytics Plus 1.0, and Browser Security Plus."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.manageengine.com/products/desktop-central/elevation-of-privilege-vulnerability.html",
"refsource": "CONFIRM",
"url": "https://www.manageengine.com/products/desktop-central/elevation-of-privilege-vulnerability.html"
},
{
"name": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-007.md",
"refsource": "MISC",
"url": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-007.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-12133",
"datePublished": "2019-06-18T21:27:25",
"dateReserved": "2019-05-15T00:00:00",
"dateUpdated": "2024-08-04T23:10:30.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-12998
Vulnerability from cvelistv5
Published
2018-06-29 12:00
Modified
2024-08-05 08:52
Severity ?
EPSS score ?
Summary
A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows remote attackers to inject arbitrary web script or HTML via the parameter 'operation' to /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html | x_refsource_MISC | |
| https://github.com/unh3x/just4cve/issues/10 | x_refsource_MISC | |
| http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201807-036 | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2018/Jul/75 | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:52:49.220Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/unh3x/just4cve/issues/10"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201807-036"
},
{
"name": "20180720 [CVE-2018-12998]Zoho manageengine Reflected XSS in multiple Products",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2018/Jul/75"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows remote attackers to inject arbitrary web script or HTML via the parameter \u0027operation\u0027 to /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-24T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/unh3x/just4cve/issues/10"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201807-036"
},
{
"name": "20180720 [CVE-2018-12998]Zoho manageengine Reflected XSS in multiple Products",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2018/Jul/75"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12998",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows remote attackers to inject arbitrary web script or HTML via the parameter \u0027operation\u0027 to /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html"
},
{
"name": "https://github.com/unh3x/just4cve/issues/10",
"refsource": "MISC",
"url": "https://github.com/unh3x/just4cve/issues/10"
},
{
"name": "http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201807-036",
"refsource": "MISC",
"url": "http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201807-036"
},
{
"name": "20180720 [CVE-2018-12998]Zoho manageengine Reflected XSS in multiple Products",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2018/Jul/75"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-12998",
"datePublished": "2018-06-29T12:00:00",
"dateReserved": "2018-06-29T00:00:00",
"dateUpdated": "2024-08-05T08:52:49.220Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-35404
Vulnerability from cvelistv5
Published
2022-07-18 12:25
Modified
2024-08-03 09:36
Severity ?
EPSS score ?
Summary
ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine.
References
| ▼ | URL | Tags |
|---|---|---|
| https://manageengine.com | x_refsource_MISC | |
| https://www.manageengine.com/itom/advisory/cve-2022-35404.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:36:44.178Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://manageengine.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.manageengine.com/itom/advisory/cve-2022-35404.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-18T12:25:32",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://manageengine.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.manageengine.com/itom/advisory/cve-2022-35404.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-35404",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://manageengine.com",
"refsource": "MISC",
"url": "https://manageengine.com"
},
{
"name": "https://www.manageengine.com/itom/advisory/cve-2022-35404.html",
"refsource": "MISC",
"url": "https://www.manageengine.com/itom/advisory/cve-2022-35404.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-35404",
"datePublished": "2022-07-18T12:25:32",
"dateReserved": "2022-07-08T00:00:00",
"dateUpdated": "2024-08-03T09:36:44.178Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-47211
Vulnerability from cvelistv5
Published
2024-01-08 14:45
Modified
2024-08-02 21:01
Severity ?
EPSS score ?
Summary
A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ManageEngine | OpManager |
Version: 12.7.258 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:01:22.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851"
},
{
"name": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html",
"tags": [
"x_transferred"
],
"url": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OpManager",
"vendor": "ManageEngine",
"versions": [
{
"status": "affected",
"version": "12.7.258"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Marcin \u0026#39;Icewall\u0026#39; Noga of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-08T18:00:25.765Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851"
},
{
"name": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html",
"url": "https://www.manageengine.com/itom/advisory/cve-2023-47211.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-47211",
"datePublished": "2024-01-08T14:45:37.183Z",
"dateReserved": "2023-11-07T15:35:52.521Z",
"dateUpdated": "2024-08-02T21:01:22.684Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-8925
Vulnerability from cvelistv5
Published
2019-05-17 01:15
Modified
2024-08-04 21:31
Severity ?
EPSS score ?
Summary
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. An Absolute Path Traversal vulnerability in the Administration zone, in /netflow/servlet/CReportPDFServlet (via the parameter schFilePath), allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via any file name, such as a schFilePath=C:\boot.ini value.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html | x_refsource_MISC | |
| https://www.manageengine.com/products/netflow/?doc | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2019/Feb/45 | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/46425/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:31:37.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46425/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. An Absolute Path Traversal vulnerability in the Administration zone, in /netflow/servlet/CReportPDFServlet (via the parameter schFilePath), allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via any file name, such as a schFilePath=C:\\boot.ini value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-17T01:15:41",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exploit-db.com/exploits/46425/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8925",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. An Absolute Path Traversal vulnerability in the Administration zone, in /netflow/servlet/CReportPDFServlet (via the parameter schFilePath), allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via any file name, such as a schFilePath=C:\\boot.ini value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"name": "https://www.manageengine.com/products/netflow/?doc",
"refsource": "MISC",
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"name": "http://seclists.org/fulldisclosure/2019/Feb/45",
"refsource": "MISC",
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
},
{
"name": "https://www.exploit-db.com/exploits/46425/",
"refsource": "MISC",
"url": "https://www.exploit-db.com/exploits/46425/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-8925",
"datePublished": "2019-05-17T01:15:41",
"dateReserved": "2019-02-18T00:00:00",
"dateUpdated": "2024-08-04T21:31:37.591Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2960
Vulnerability from cvelistv5
Published
2015-06-09 00:00
Modified
2024-08-06 05:32
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in Zoho NetFlow Analyzer build 10250 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/75071 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1032516 | vdb-entry, x_refsource_SECTRACK | |
| http://jvn.jp/en/jp/JVN98447310/index.html | third-party-advisory, x_refsource_JVN | |
| http://jvndb.jvn.jp/jvndb/JVNDB-2015-000074 | third-party-advisory, x_refsource_JVNDB | |
| https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:32:20.705Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "75071",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75071"
},
{
"name": "1032516",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032516"
},
{
"name": "JVN#98447310",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN98447310/index.html"
},
{
"name": "JVNDB-2015-000074",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000074"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Zoho NetFlow Analyzer build 10250 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "75071",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75071"
},
{
"name": "1032516",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032516"
},
{
"name": "JVN#98447310",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN98447310/index.html"
},
{
"name": "JVNDB-2015-000074",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000074"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2015-2960",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Zoho NetFlow Analyzer build 10250 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "75071",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75071"
},
{
"name": "1032516",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032516"
},
{
"name": "JVN#98447310",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN98447310/index.html"
},
{
"name": "JVNDB-2015-000074",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000074"
},
{
"name": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250",
"refsource": "CONFIRM",
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2015-2960",
"datePublished": "2015-06-09T00:00:00",
"dateReserved": "2015-04-07T00:00:00",
"dateUpdated": "2024-08-06T05:32:20.705Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-8927
Vulnerability from cvelistv5
Published
2019-05-17 14:05
Modified
2024-08-04 21:31
Severity ?
EPSS score ?
Summary
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/scheduleConfig.jsp file via these GET parameters: devSrc, emailId, excWeekModify, filterFlag, getFilter, mailReport, mset, popup, rep_schedule, rep_Type, schDesc, schName, schSource, selectDeviceDone, task, val10, and val11.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html | x_refsource_MISC | |
| https://www.manageengine.com/products/netflow/?doc | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2019/Feb/45 | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/46425/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:31:37.546Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46425/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/scheduleConfig.jsp file via these GET parameters: devSrc, emailId, excWeekModify, filterFlag, getFilter, mailReport, mset, popup, rep_schedule, rep_Type, schDesc, schName, schSource, selectDeviceDone, task, val10, and val11."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-17T14:05:22",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exploit-db.com/exploits/46425/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8927",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/scheduleConfig.jsp file via these GET parameters: devSrc, emailId, excWeekModify, filterFlag, getFilter, mailReport, mset, popup, rep_schedule, rep_Type, schDesc, schName, schSource, selectDeviceDone, task, val10, and val11."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"name": "https://www.manageengine.com/products/netflow/?doc",
"refsource": "MISC",
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"name": "http://seclists.org/fulldisclosure/2019/Feb/45",
"refsource": "MISC",
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
},
{
"name": "https://www.exploit-db.com/exploits/46425/",
"refsource": "MISC",
"url": "https://www.exploit-db.com/exploits/46425/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-8927",
"datePublished": "2019-05-17T14:05:22",
"dateReserved": "2019-02-18T00:00:00",
"dateUpdated": "2024-08-04T21:31:37.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-12997
Vulnerability from cvelistv5
Published
2018-06-29 12:00
Modified
2024-08-05 08:52
Severity ?
EPSS score ?
Summary
Incorrect Access Control in FailOverHelperServlet in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows attackers to read certain files on the web server without login by sending a specially crafted request to the server with the operation=copyfile&fileName= substring.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html | x_refsource_MISC | |
| https://github.com/unh3x/just4cve/issues/8 | x_refsource_MISC | |
| http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201807-037 | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2018/Jul/73 | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:52:49.423Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/unh3x/just4cve/issues/8"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201807-037"
},
{
"name": "20180720 [CVE-2018-12997]Zoho manageengine Arbitrary File Read in multiple Products",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2018/Jul/73"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Incorrect Access Control in FailOverHelperServlet in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows attackers to read certain files on the web server without login by sending a specially crafted request to the server with the operation=copyfile\u0026fileName= substring."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-24T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/unh3x/just4cve/issues/8"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201807-037"
},
{
"name": "20180720 [CVE-2018-12997]Zoho manageengine Arbitrary File Read in multiple Products",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2018/Jul/73"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12997",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incorrect Access Control in FailOverHelperServlet in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows attackers to read certain files on the web server without login by sending a specially crafted request to the server with the operation=copyfile\u0026fileName= substring."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html"
},
{
"name": "https://github.com/unh3x/just4cve/issues/8",
"refsource": "MISC",
"url": "https://github.com/unh3x/just4cve/issues/8"
},
{
"name": "http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201807-037",
"refsource": "MISC",
"url": "http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201807-037"
},
{
"name": "20180720 [CVE-2018-12997]Zoho manageengine Arbitrary File Read in multiple Products",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2018/Jul/73"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-12997",
"datePublished": "2018-06-29T12:00:00",
"dateReserved": "2018-06-29T00:00:00",
"dateUpdated": "2024-08-05T08:52:49.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-10803
Vulnerability from cvelistv5
Published
2018-05-10 14:00
Modified
2024-08-05 07:46
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in the add credentials functionality in Zoho ManageEngine NetFlow Analyzer v12.3 before 12.3.125 (build 123125) allows remote attackers to inject arbitrary web script or HTML via a crafted description value. This can be exploited through CSRF.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/104251 | vdb-entry, x_refsource_BID | |
| https://www.manageengine.com/products/netflow/readme.html#123125 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.851Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104251",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104251"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.manageengine.com/products/netflow/readme.html#123125"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the add credentials functionality in Zoho ManageEngine NetFlow Analyzer v12.3 before 12.3.125 (build 123125) allows remote attackers to inject arbitrary web script or HTML via a crafted description value. This can be exploited through CSRF."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-24T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "104251",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104251"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.manageengine.com/products/netflow/readme.html#123125"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10803",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the add credentials functionality in Zoho ManageEngine NetFlow Analyzer v12.3 before 12.3.125 (build 123125) allows remote attackers to inject arbitrary web script or HTML via a crafted description value. This can be exploited through CSRF."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104251",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104251"
},
{
"name": "https://www.manageengine.com/products/netflow/readme.html#123125",
"refsource": "CONFIRM",
"url": "https://www.manageengine.com/products/netflow/readme.html#123125"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10803",
"datePublished": "2018-05-10T14:00:00",
"dateReserved": "2018-05-08T00:00:00",
"dateUpdated": "2024-08-05T07:46:46.851Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2959
Vulnerability from cvelistv5
Published
2015-06-09 00:00
Modified
2024-08-06 05:32
Severity ?
EPSS score ?
Summary
Zoho NetFlow Analyzer build 10250 and earlier does not check for administrative authorization, which allows remote attackers to obtain sensitive information, modify passwords, or remove accounts by leveraging the guest role.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1032516 | vdb-entry, x_refsource_SECTRACK | |
| http://jvn.jp/en/jp/JVN25598413/index.html | third-party-advisory, x_refsource_JVN | |
| http://jvndb.jvn.jp/jvndb/JVNDB-2015-000075 | third-party-advisory, x_refsource_JVNDB | |
| http://www.securityfocus.com/bid/75065 | vdb-entry, x_refsource_BID | |
| https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:32:20.668Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032516",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032516"
},
{
"name": "JVN#25598413",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN25598413/index.html"
},
{
"name": "JVNDB-2015-000075",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000075"
},
{
"name": "75065",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75065"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Zoho NetFlow Analyzer build 10250 and earlier does not check for administrative authorization, which allows remote attackers to obtain sensitive information, modify passwords, or remove accounts by leveraging the guest role."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "1032516",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032516"
},
{
"name": "JVN#25598413",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN25598413/index.html"
},
{
"name": "JVNDB-2015-000075",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000075"
},
{
"name": "75065",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75065"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2015-2959",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zoho NetFlow Analyzer build 10250 and earlier does not check for administrative authorization, which allows remote attackers to obtain sensitive information, modify passwords, or remove accounts by leveraging the guest role."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032516",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032516"
},
{
"name": "JVN#25598413",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN25598413/index.html"
},
{
"name": "JVNDB-2015-000075",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000075"
},
{
"name": "75065",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75065"
},
{
"name": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250",
"refsource": "CONFIRM",
"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2015-2959",
"datePublished": "2015-06-09T00:00:00",
"dateReserved": "2015-04-07T00:00:00",
"dateUpdated": "2024-08-06T05:32:20.668Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-7427
Vulnerability from cvelistv5
Published
2019-05-07 18:31
Modified
2024-08-04 20:46
Severity ?
EPSS score ?
Summary
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the autorefTime or graphTypes parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2019/Feb/29 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:46:46.317Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone \"/netflow/jspui/linkdownalertConfig.jsp\" file in the autorefTime or graphTypes parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-07T18:31:25",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7427",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone \"/netflow/jspui/linkdownalertConfig.jsp\" file in the autorefTime or graphTypes parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"name": "http://seclists.org/fulldisclosure/2019/Feb/29",
"refsource": "MISC",
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-7427",
"datePublished": "2019-05-07T18:31:25",
"dateReserved": "2019-02-05T00:00:00",
"dateUpdated": "2024-08-04T20:46:46.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-7426
Vulnerability from cvelistv5
Published
2019-05-07 18:27
Modified
2024-08-04 20:46
Severity ?
EPSS score ?
Summary
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the groupDesc, groupName, groupID, or task parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2019/Feb/29 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:46:46.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone \"/netflow/jspui/linkdownalertConfig.jsp\" file in the groupDesc, groupName, groupID, or task parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-07T18:27:38",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7426",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone \"/netflow/jspui/linkdownalertConfig.jsp\" file in the groupDesc, groupName, groupID, or task parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"name": "http://seclists.org/fulldisclosure/2019/Feb/29",
"refsource": "MISC",
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-7426",
"datePublished": "2019-05-07T18:27:38",
"dateReserved": "2019-02-05T00:00:00",
"dateUpdated": "2024-08-04T20:46:46.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-8929
Vulnerability from cvelistv5
Published
2019-05-17 14:11
Modified
2024-08-04 21:31
Severity ?
EPSS score ?
Summary
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/selectDevice.jsp file in these GET parameters: param and rtype.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/46425/ | exploit, x_refsource_EXPLOIT-DB | |
| https://www.manageengine.com/products/netflow/?doc | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2019/Feb/45 | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:31:37.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"name": "46425",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46425/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"name": "20190219 [CVE-2019-8925 to CVE-2019-8929] Path traversal and Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/selectDevice.jsp file in these GET parameters: param and rtype."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-17T14:11:40",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"name": "46425",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46425/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"name": "20190219 [CVE-2019-8925 to CVE-2019-8929] Path traversal and Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8929",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/selectDevice.jsp file in these GET parameters: param and rtype."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/151757/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-Traversal-XSS.html"
},
{
"name": "46425",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46425/"
},
{
"name": "https://www.manageengine.com/products/netflow/?doc",
"refsource": "MISC",
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"name": "20190219 [CVE-2019-8925 to CVE-2019-8929] Path traversal and Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Feb/45"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-8929",
"datePublished": "2019-05-17T14:11:40",
"dateReserved": "2019-02-18T00:00:00",
"dateUpdated": "2024-08-04T21:31:37.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-7425
Vulnerability from cvelistv5
Published
2019-03-17 20:10
Modified
2024-08-04 20:46
Severity ?
EPSS score ?
Summary
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the task parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html | x_refsource_MISC | |
| https://www.manageengine.com/products/netflow/?doc | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2019/Feb/29 | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:46:46.371Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"name": "20190206 [CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426, CVE-2019-7427] Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone \"/netflow/jspui/linkdownalertConfig.jsp\" file in the task parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-17T20:10:05",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"name": "20190206 [CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426, CVE-2019-7427] Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7425",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone \"/netflow/jspui/linkdownalertConfig.jsp\" file in the task parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"name": "https://www.manageengine.com/products/netflow/?doc",
"refsource": "MISC",
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"name": "20190206 [CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426, CVE-2019-7427] Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-7425",
"datePublished": "2019-03-17T20:10:05",
"dateReserved": "2019-02-05T00:00:00",
"dateUpdated": "2024-08-04T20:46:46.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-12196
Vulnerability from cvelistv5
Published
2019-06-05 17:37
Modified
2024-08-04 23:10
Severity ?
EPSS score ?
Summary
A SQL injection vulnerability in /client/api/json/v2/nfareports/compareReport in Zoho ManageEngine NetFlow Analyzer 12.3 allows attackers to execute arbitrary SQL commands via the DeviceID parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.manageengine.com/products/netflow/readme.html#124029 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/108672 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:10:30.926Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.manageengine.com/products/netflow/readme.html#124029"
},
{
"name": "108672",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108672"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A SQL injection vulnerability in /client/api/json/v2/nfareports/compareReport in Zoho ManageEngine NetFlow Analyzer 12.3 allows attackers to execute arbitrary SQL commands via the DeviceID parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-07T08:06:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.manageengine.com/products/netflow/readme.html#124029"
},
{
"name": "108672",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108672"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12196",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A SQL injection vulnerability in /client/api/json/v2/nfareports/compareReport in Zoho ManageEngine NetFlow Analyzer 12.3 allows attackers to execute arbitrary SQL commands via the DeviceID parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.manageengine.com/products/netflow/readme.html#124029",
"refsource": "MISC",
"url": "https://www.manageengine.com/products/netflow/readme.html#124029"
},
{
"name": "108672",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108672"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-12196",
"datePublished": "2019-06-05T17:37:40",
"dateReserved": "2019-05-19T00:00:00",
"dateUpdated": "2024-08-04T23:10:30.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-7423
Vulnerability from cvelistv5
Published
2019-03-17 20:02
Modified
2024-08-04 20:46
Severity ?
EPSS score ?
Summary
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/editProfile.jsp" file in the userName parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html | x_refsource_MISC | |
| https://www.manageengine.com/products/netflow/?doc | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2019/Feb/29 | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:46:46.184Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"name": "20190206 [CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426, CVE-2019-7427] Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone \"/netflow/jspui/editProfile.jsp\" file in the userName parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-17T20:02:54",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"name": "20190206 [CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426, CVE-2019-7427] Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7423",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone \"/netflow/jspui/editProfile.jsp\" file in the userName parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html"
},
{
"name": "https://www.manageengine.com/products/netflow/?doc",
"refsource": "MISC",
"url": "https://www.manageengine.com/products/netflow/?doc"
},
{
"name": "20190206 [CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426, CVE-2019-7427] Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Feb/29"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-7423",
"datePublished": "2019-03-17T20:02:54",
"dateReserved": "2019-02-05T00:00:00",
"dateUpdated": "2024-08-04T20:46:46.184Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}