CVE-2020-27733

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2020-27733
Zoho ManageEngine Applications Manager before 14 build 14880 allows an authenticated SQL Injection via a crafted Alarmview request.

8.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.5 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 8.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://www.manageengine.com/products/applications_manager/issues.html#v14880 Issue Tracking Release Notes Vendor Advisory
https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2020-27733.html Release Notes Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:-:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14000:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14010:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14020:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14030:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14040:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14050:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14060:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14070:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14071:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14072:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14073:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14080:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14090:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14100:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14110:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14120:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14130:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14140:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14150:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14160:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14170:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14180:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14190:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14200:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14210:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14220:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14230:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14240:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14250:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14260:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14261:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14262:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14270:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14280:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14290:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14300:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14310:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14330:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14331:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14332:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14340:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14350:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14360:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14361:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14370:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14380:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14390:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14400:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14401:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14410:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14420:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14430:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14440:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14450:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14460:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14470:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14480:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14490:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14500:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14510:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14520:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14530:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14531:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14532:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14533:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14540:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14550:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14560:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14570:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14580:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14590:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14600:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14610:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14620:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14630:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14660:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14670:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14681:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14682:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14683:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14684:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14685:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14690:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14700:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14710:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14720:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14730:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14740:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14750:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14760:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14770:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14780:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14781:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14790:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14800:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14811:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14820:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14830:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14840:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14841:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14842:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14843:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14850:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14860:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14870:*:*:*:*:*:*
History

No history.

Information

Published : 2021-01-19 16:15

Updated : 2024-02-04 21:23

NVD link : CVE-2020-27733

Mitre link : CVE-2020-27733

CVE.ORG link : CVE-2020-27733

JSON object : View

Products Affected

zohocorp

  • manageengine_applications_manager
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')