Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2021-20078
CVE information
Published
Last Modified
CVSSv2.0 Severity
CVSSv3.1 Severity
Impact Analysis
Description
Manage Engine OpManager builds below 125346 are vulnerable to a remote denial of service vulnerability due to a path traversal issue in spark gateway component. This allows a remote attacker to remotely delete any directory or directories on the OS..
CVSSv2.0 Score
- Severity
- High
- Base Score
- 9.4/10
- Exploit Score
- 10/10
- Access Vector
- Network
- Access Complexity
- Low
- Authentication Required
- None
- Impact Score
- 9.2/10
- Confidentiality Impact
- None
- Availability Impact
- Complete
- Integrity Impact
- Complete
CVSSv3.1 Score
- Severity
- Critical
- Base Score
- 9.1/10
- Exploit Score
- 3.9/10
- Access Vector
- Network
- Access Complexity
- Low
- Privileges Required
- None
- Impact Score
- 5.2/10
- Confidentiality Impact
- None
- Availability Impact
- High
- Integrity Impact
- High
- Scope
- Unchanged
- User Interaction
- None
Products Affected
| CPE | Affected | Vulnerable | Excluding | Edit |
|---|---|---|---|---|
| cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:* |
Yes
|
- | 12.5 | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125233:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125312:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125323:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125324:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125326:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125328:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125000:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125002:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125100:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125101:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125102:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125108:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125110:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125111:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125112:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125113:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125114:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125116:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125117:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125118:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125120:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125121:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125123:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125124:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125125:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125136:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125137:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125139:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125140:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125143:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125144:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125145:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125156:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125157:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125158:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125159:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125161:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125163:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125174:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125175:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125176:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125177:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125178:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125180:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125181:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125192:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125193:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125194:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125195:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125196:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125197:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125198:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125201:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125204:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125212:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125213:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125214:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125215:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125216:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125228:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125229:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125230:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125231:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125232:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125342:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125329:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125344:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125343:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125341:* |
Yes
|
- | - | |
| cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125340:* |
Yes
|
- | - |