Lucene search
0fc0942c-577d-436f-ae8e-945763c79b02NVD:CVE-2024-5471HistoryJul 17, 2024 - 11:15 a.m.
CVE-2024-5471
2024-07-1711:15:10
CWE-798
0fc0942c-577d-436f-ae8e-945763c79b02
web.nvd.nist.gov
7
zohocorp manageengine ddi central
agent takeover vulnerability
hard-coded sensitive keys
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.012
Percentile
85.5%
Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to agent takeover vulnerability due to the hard-coded sensitive keys.
Affected configurations
Node
zohocorpmanageengine_ddi_centralRange<4002
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zohocorp | manageengine_ddi_central | * | cpe:2.3:a:zohocorp:manageengine_ddi_central:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2024-5471 Agent takeover
2024-07-17 10:56:53
cve
cve
CVE-2024-5471
2024-07-17 11:15:10
vulnrichment
vulnrichment
CVE-2024-5471 Agent takeover
2024-07-17 10:56:53
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.012
Percentile
85.5%
Related for NVD:CVE-2024-5471