Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2020-11527
CVE information
Published
Last Modified
CVSSv2.0 Severity
CVSSv3.1 Severity
Impact Analysis
Description
In Zoho ManageEngine OpManager before 12.4.181, an unauthenticated remote attacker can send a specially crafted URI to read arbitrary files..
CVSSv2.0 Score
- Severity
- Medium
- Base Score
- 5/10
- Exploit Score
- 10/10
- Access Vector
- Network
- Access Complexity
- Low
- Authentication Required
- None
- Impact Score
- 2.9/10
- Confidentiality Impact
- Partial
- Availability Impact
- None
- Integrity Impact
- None
CVSSv3.1 Score
- Severity
- High
- Base Score
- 7.5/10
- Exploit Score
- 3.9/10
- Access Vector
- Network
- Access Complexity
- Low
- Privileges Required
- None
- Impact Score
- 3.6/10
- Confidentiality Impact
- High
- Availability Impact
- None
- Integrity Impact
- None
- Scope
- Unchanged
- User Interaction
- None
Products Affected
| CPE | Affected | Vulnerable | Excluding | Edit |
|---|---|---|---|---|
| cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:* |
Yes
|
- | 12.4 | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:-:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124016:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124015:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124039:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124037:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124041:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124040:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124043:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124042:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124053:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124051:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124023:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124022:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124025:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124024:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124027:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124026:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124033:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124030:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124074:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124071:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124081:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124075:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124085:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124082:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124087:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124086:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124056:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124054:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124065:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124058:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124067:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124066:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124070:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124069:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124096:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124095:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124089:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124178:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124176:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124175:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124100:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124099:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124098:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124097:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124169:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124168:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124102:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124101:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124000:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124012:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124011:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124014:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124013:* |
Yes
|
- | - |