History: Sep 28, 2015 - 3:59 p.m.

CVE-2015-7387

2015-09-28 15:59:04
CWE-89
mitre
web.nvd.nist.gov
cve-2015-7387
zoho manageengine
eventlog analyzer
sql injection
remote attack
security vulnerability

CVSS2: 7.5

Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score: 8.3
Confidence: Low

EPSS: 0.902
Percentile: 98.8%

ZOHO ManageEngine EventLog Analyzer 10.6 build 10060 and earlier allows remote attackers to bypass intended restrictions and execute arbitrary SQL commands via an allowed query followed by a disallowed one in the query parameter to event/runQuery.do, as demonstrated by “SELECT 1;INSERT INTO.” Fixed in Build 11200.

Affected configurations

Nvd
Node: zohocorp manageengine_eventlog_analyzer, Range 10.6

Vendor: zohocorp
Product: manageengine_eventlog_analyzer
Version: *
CPE: cpe:2.3:a:zohocorp:manageengine_eventlog_analyzer:*:*:*:*:*:*:*:*
