7.5

CVE-2020-11527

In Zoho ManageEngine OpManager before 12.4.181, an unauthenticated remote attacker can send a specially crafted URI to read arbitrary files.

Data is provided by the National Vulnerability Database (NVD)
ZohocorpManageengine Opmanager Version < 12.4
ZohocorpManageengine Opmanager Version12.4 Update-
ZohocorpManageengine Opmanager Version12.4 Updatebuild124000
ZohocorpManageengine Opmanager Version12.4 Updatebuild124011
ZohocorpManageengine Opmanager Version12.4 Updatebuild124012
ZohocorpManageengine Opmanager Version12.4 Updatebuild124013
ZohocorpManageengine Opmanager Version12.4 Updatebuild124014
ZohocorpManageengine Opmanager Version12.4 Updatebuild124015
ZohocorpManageengine Opmanager Version12.4 Updatebuild124016
ZohocorpManageengine Opmanager Version12.4 Updatebuild124022
ZohocorpManageengine Opmanager Version12.4 Updatebuild124023
ZohocorpManageengine Opmanager Version12.4 Updatebuild124024
ZohocorpManageengine Opmanager Version12.4 Updatebuild124025
ZohocorpManageengine Opmanager Version12.4 Updatebuild124026
ZohocorpManageengine Opmanager Version12.4 Updatebuild124027
ZohocorpManageengine Opmanager Version12.4 Updatebuild124030
ZohocorpManageengine Opmanager Version12.4 Updatebuild124033
ZohocorpManageengine Opmanager Version12.4 Updatebuild124037
ZohocorpManageengine Opmanager Version12.4 Updatebuild124039
ZohocorpManageengine Opmanager Version12.4 Updatebuild124040
ZohocorpManageengine Opmanager Version12.4 Updatebuild124041
ZohocorpManageengine Opmanager Version12.4 Updatebuild124042
ZohocorpManageengine Opmanager Version12.4 Updatebuild124043
ZohocorpManageengine Opmanager Version12.4 Updatebuild124051
ZohocorpManageengine Opmanager Version12.4 Updatebuild124053
ZohocorpManageengine Opmanager Version12.4 Updatebuild124054
ZohocorpManageengine Opmanager Version12.4 Updatebuild124056
ZohocorpManageengine Opmanager Version12.4 Updatebuild124058
ZohocorpManageengine Opmanager Version12.4 Updatebuild124065
ZohocorpManageengine Opmanager Version12.4 Updatebuild124066
ZohocorpManageengine Opmanager Version12.4 Updatebuild124067
ZohocorpManageengine Opmanager Version12.4 Updatebuild124069
ZohocorpManageengine Opmanager Version12.4 Updatebuild124070
ZohocorpManageengine Opmanager Version12.4 Updatebuild124071
ZohocorpManageengine Opmanager Version12.4 Updatebuild124074
ZohocorpManageengine Opmanager Version12.4 Updatebuild124075
ZohocorpManageengine Opmanager Version12.4 Updatebuild124081
ZohocorpManageengine Opmanager Version12.4 Updatebuild124082
ZohocorpManageengine Opmanager Version12.4 Updatebuild124085
ZohocorpManageengine Opmanager Version12.4 Updatebuild124086
ZohocorpManageengine Opmanager Version12.4 Updatebuild124087
ZohocorpManageengine Opmanager Version12.4 Updatebuild124089
ZohocorpManageengine Opmanager Version12.4 Updatebuild124095
ZohocorpManageengine Opmanager Version12.4 Updatebuild124096
ZohocorpManageengine Opmanager Version12.4 Updatebuild124097
ZohocorpManageengine Opmanager Version12.4 Updatebuild124098
ZohocorpManageengine Opmanager Version12.4 Updatebuild124099
ZohocorpManageengine Opmanager Version12.4 Updatebuild124100
ZohocorpManageengine Opmanager Version12.4 Updatebuild124101
ZohocorpManageengine Opmanager Version12.4 Updatebuild124102
ZohocorpManageengine Opmanager Version12.4 Updatebuild124168
ZohocorpManageengine Opmanager Version12.4 Updatebuild124169
ZohocorpManageengine Opmanager Version12.4 Updatebuild124175
ZohocorpManageengine Opmanager Version12.4 Updatebuild124176
ZohocorpManageengine Opmanager Version12.4 Updatebuild124178
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 13.62% 0.939
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N