Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2018-20664
HistoryJan 03, 2019 - 7:29 p.m.

CVE-2018-20664

2019-01-0319:29:01
CWE-611
mitre
web.nvd.nist.gov
25
cve-2018-20664
zoho manageengine
adselfservice plus
xxe
security vulnerability

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.019

Percentile

88.5%

JSON

Zoho ManageEngine ADSelfService Plus 5.x before build 5701 has XXE via an uploaded product license.

Affected configurations

Nvd
Node
zohocorpmanageengine_adselfservice_plusMatch5.74500
OR
zohocorpmanageengine_adselfservice_plusMatch5.75032
OR
zohocorpmanageengine_adselfservice_plusMatch5.75040
OR
zohocorpmanageengine_adselfservice_plusMatch5.75041
OR
zohocorpmanageengine_adselfservice_plusMatch5.75100
OR
zohocorpmanageengine_adselfservice_plusMatch5.75101
OR
zohocorpmanageengine_adselfservice_plusMatch5.75102
OR
zohocorpmanageengine_adselfservice_plusMatch5.75103
OR
zohocorpmanageengine_adselfservice_plusMatch5.75104
OR
zohocorpmanageengine_adselfservice_plusMatch5.75105
OR
zohocorpmanageengine_adselfservice_plusMatch5.75106
OR
zohocorpmanageengine_adselfservice_plusMatch5.75107
OR
zohocorpmanageengine_adselfservice_plusMatch5.75108
OR
zohocorpmanageengine_adselfservice_plusMatch5.75109
OR
zohocorpmanageengine_adselfservice_plusMatch5.75110
OR
zohocorpmanageengine_adselfservice_plusMatch5.75111
OR
zohocorpmanageengine_adselfservice_plusMatch5.75112
OR
zohocorpmanageengine_adselfservice_plusMatch5.75113
OR
zohocorpmanageengine_adselfservice_plusMatch5.75114
OR
zohocorpmanageengine_adselfservice_plusMatch5.75115
OR
zohocorpmanageengine_adselfservice_plusMatch5.75116
OR
zohocorpmanageengine_adselfservice_plusMatch5.75200
OR
zohocorpmanageengine_adselfservice_plusMatch5.75201
OR
zohocorpmanageengine_adselfservice_plusMatch5.75202
OR
zohocorpmanageengine_adselfservice_plusMatch5.75203
OR
zohocorpmanageengine_adselfservice_plusMatch5.75204
OR
zohocorpmanageengine_adselfservice_plusMatch5.75205
OR
zohocorpmanageengine_adselfservice_plusMatch5.75206
OR
zohocorpmanageengine_adselfservice_plusMatch5.75207
OR
zohocorpmanageengine_adselfservice_plusMatch5.75300
OR
zohocorpmanageengine_adselfservice_plusMatch5.75301
OR
zohocorpmanageengine_adselfservice_plusMatch5.75302
OR
zohocorpmanageengine_adselfservice_plusMatch5.75303
OR
zohocorpmanageengine_adselfservice_plusMatch5.75304
OR
zohocorpmanageengine_adselfservice_plusMatch5.75305
OR
zohocorpmanageengine_adselfservice_plusMatch5.75306
OR
zohocorpmanageengine_adselfservice_plusMatch5.75307
OR
zohocorpmanageengine_adselfservice_plusMatch5.75308
OR
zohocorpmanageengine_adselfservice_plusMatch5.75309
OR
zohocorpmanageengine_adselfservice_plusMatch5.75310
OR
zohocorpmanageengine_adselfservice_plusMatch5.75311
OR
zohocorpmanageengine_adselfservice_plusMatch5.75312
OR
zohocorpmanageengine_adselfservice_plusMatch5.75313
OR
zohocorpmanageengine_adselfservice_plusMatch5.75314
OR
zohocorpmanageengine_adselfservice_plusMatch5.75315
OR
zohocorpmanageengine_adselfservice_plusMatch5.75316
OR
zohocorpmanageengine_adselfservice_plusMatch5.75317
OR
zohocorpmanageengine_adselfservice_plusMatch5.75318
OR
zohocorpmanageengine_adselfservice_plusMatch5.75319
OR
zohocorpmanageengine_adselfservice_plusMatch5.75320
OR
zohocorpmanageengine_adselfservice_plusMatch5.75321
OR
zohocorpmanageengine_adselfservice_plusMatch5.75322
OR
zohocorpmanageengine_adselfservice_plusMatch5.75323
OR
zohocorpmanageengine_adselfservice_plusMatch5.75324
OR
zohocorpmanageengine_adselfservice_plusMatch5.75325
OR
zohocorpmanageengine_adselfservice_plusMatch5.75326
OR
zohocorpmanageengine_adselfservice_plusMatch5.75327
OR
zohocorpmanageengine_adselfservice_plusMatch5.75328
OR
zohocorpmanageengine_adselfservice_plusMatch5.75329
OR
zohocorpmanageengine_adselfservice_plusMatch5.75330
OR
zohocorpmanageengine_adselfservice_plusMatch5.75400
OR
zohocorpmanageengine_adselfservice_plusMatch5.75500
OR
zohocorpmanageengine_adselfservice_plusMatch5.75501
OR
zohocorpmanageengine_adselfservice_plusMatch5.75502
OR
zohocorpmanageengine_adselfservice_plusMatch5.75503
OR
zohocorpmanageengine_adselfservice_plusMatch5.75504
OR
zohocorpmanageengine_adselfservice_plusMatch5.75505
OR
zohocorpmanageengine_adselfservice_plusMatch5.75506
OR
zohocorpmanageengine_adselfservice_plusMatch5.75507
OR
zohocorpmanageengine_adselfservice_plusMatch5.75508
OR
zohocorpmanageengine_adselfservice_plusMatch5.75509
OR
zohocorpmanageengine_adselfservice_plusMatch5.75510
OR
zohocorpmanageengine_adselfservice_plusMatch5.75511
OR
zohocorpmanageengine_adselfservice_plusMatch5.75512
OR
zohocorpmanageengine_adselfservice_plusMatch5.75513
OR
zohocorpmanageengine_adselfservice_plusMatch5.75514
OR
zohocorpmanageengine_adselfservice_plusMatch5.75515
OR
zohocorpmanageengine_adselfservice_plusMatch5.75516
OR
zohocorpmanageengine_adselfservice_plusMatch5.75517
OR
zohocorpmanageengine_adselfservice_plusMatch5.75518
OR
zohocorpmanageengine_adselfservice_plusMatch5.75519
OR
zohocorpmanageengine_adselfservice_plusMatch5.75520
OR
zohocorpmanageengine_adselfservice_plusMatch5.75521
OR
zohocorpmanageengine_adselfservice_plusMatch5.75600
OR
zohocorpmanageengine_adselfservice_plusMatch5.75601
OR
zohocorpmanageengine_adselfservice_plusMatch5.75602
OR
zohocorpmanageengine_adselfservice_plusMatch5.75603
OR
zohocorpmanageengine_adselfservice_plusMatch5.75604
OR
zohocorpmanageengine_adselfservice_plusMatch5.75605
OR
zohocorpmanageengine_adselfservice_plusMatch5.75606
OR
zohocorpmanageengine_adselfservice_plusMatch5.75607
OR
zohocorpmanageengine_adselfservice_plusMatch5.75700
VendorProductVersionCPE
zohocorpmanageengine_adselfservice_plus5.7cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:4500:*:*:*:*:*:*
zohocorpmanageengine_adselfservice_plus5.7cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5032:*:*:*:*:*:*
zohocorpmanageengine_adselfservice_plus5.7cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5040:*:*:*:*:*:*
zohocorpmanageengine_adselfservice_plus5.7cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5041:*:*:*:*:*:*
zohocorpmanageengine_adselfservice_plus5.7cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5100:*:*:*:*:*:*
zohocorpmanageengine_adselfservice_plus5.7cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5101:*:*:*:*:*:*
zohocorpmanageengine_adselfservice_plus5.7cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5102:*:*:*:*:*:*
zohocorpmanageengine_adselfservice_plus5.7cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5103:*:*:*:*:*:*
zohocorpmanageengine_adselfservice_plus5.7cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5104:*:*:*:*:*:*
zohocorpmanageengine_adselfservice_plus5.7cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5105:*:*:*:*:*:*
Rows per page:
1-10 of 921

Related

prion 1
cvelist 1
nvd 1
prion
prion
Code injection
2019-01-03 19:29:00
cvelist
cvelist
CVE-2018-20664
2019-01-03 18:00:00
nvd
nvd
CVE-2018-20664
2019-01-03 19:29:01

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.019

Percentile

88.5%

JSON
Related for CVE-2018-20664
prion1cvelist1nvd1