Zoho ManageEngine Applications Manager before 14 build 14880 allows an authenticated SQL Injection via a crafted Alarmview request.
References
Link | Resource |
---|---|
https://www.manageengine.com/products/applications_manager/issues.html#v14880 | Issue Tracking Release Notes Vendor Advisory |
https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2020-27733.html | Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
07 Oct 2022, 02:19
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:-:*:*:*:*:*:* | |
References | (MISC) https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2020-27733.html - Release Notes, Vendor Advisory | |
References | (MISC) https://www.manageengine.com/products/applications_manager/issues.html#v14880 - Issue Tracking, Release Notes, Vendor Advisory |
26 Jan 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
22 Jan 2021, 21:25
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14843:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14300:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14440:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14781:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14470:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14620:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14340:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14290:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14540:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14811:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14682:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14790:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14590:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14071:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14820:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14700:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14510:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14332:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14170:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14710:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14261:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14570:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14210:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14160:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14770:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14370:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14580:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14840:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14760:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14533:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14000:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14683:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14690:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14530:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14850:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14280:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14070:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14660:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14072:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14050:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14610:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14401:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14410:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14360:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14520:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14040:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14550:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14532:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14780:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14730:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:*:*:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14180:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14100:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14010:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14842:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14310:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14600:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14430:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14531:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14560:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14630:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14800:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14260:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14870:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14685:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14060:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14230:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14400:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14500:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14200:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14080:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14110:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14090:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14830:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14380:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14681:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14480:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14720:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14140:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14390:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14240:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14860:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14330:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14350:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14120:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14460:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14030:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14130:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14020:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14331:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14190:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14262:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14420:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14270:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14361:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14250:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14684:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14750:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14490:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14670:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14220:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14841:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14450:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14740:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14073:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14150:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 8.8 |
CWE | CWE-89 | |
References | (MISC) https://www.manageengine.com/products/applications_manager/issues.html#v14880 - Vendor Advisory |
19 Jan 2021, 16:19
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-01-19 16:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-27733
Mitre link : CVE-2020-27733
CVE.ORG link : CVE-2020-27733
JSON object : View
Products Affected
zohocorp
- manageengine_applications_manager
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')