CVE-2020-15533

In Zoho ManageEngine Application Manager 14.7 Build 14730 (before 14684, and between 14689 and 14750), the AlarmEscalation module is vulnerable to unauthenticated SQL Injection attack.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:zohocorp:manageengine_applications_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.6:-:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.6:build14680:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.6:build14681:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.6:build14682:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.6:build14683:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.6:build14690:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.7:-:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.7:build14700:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.7:build14710:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.7:build14720:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.7:build14730:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.7:build14740:*:*:*:*:*:*

Information

Published : 2020-10-01 12:15

Updated : 2020-10-13 06:48


NVD link : CVE-2020-15533

Mitre link : CVE-2020-15533


JSON object : View

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

dedicated server usa

Products Affected

zohocorp

  • manageengine_applications_manager