Vulnerabilities > CVE-2020-24743 - Unspecified vulnerability in Zohocorp Manageengine Applications Manager

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

zohocorp

NVD

Published: 2021-11-03

Updated: 2021-11-05

Summary

An issue was found in /showReports.do Zoho ManageEngine Applications Manager up to 14550, allows attackers to gain escalated privileges via the resourceid parameter.

Vulnerable Configurations

Part	Description	Count
Application	Zohocorp Zohocorp Manageengine Applications Manager 11.0 Zohocorp Manageengine Applications Manager 11.1 Zohocorp Manageengine Applications Manager 11.2 Zohocorp Manageengine Applications Manager 11.3 Zohocorp Manageengine Applications Manager 11.4 Zohocorp Manageengine Applications Manager 11.5 Zohocorp Manageengine Applications Manager 11.6 Zohocorp Manageengine Applications Manager 11.7 Zohocorp Manageengine Applications Manager 11.8 Zohocorp Manageengine Applications Manager 11.9 Zohocorp Manageengine Applications Manager 12.0 Zohocorp Manageengine Applications Manager 12.1 Zohocorp Manageengine Applications Manager 12.2 Zohocorp Manageengine Applications Manager 12.3 Zohocorp Manageengine Applications Manager 12.4 Zohocorp Manageengine Applications Manager 12.5 Zohocorp Manageengine Applications Manager 12.6 Zohocorp Manageengine Applications Manager 12.7 Zohocorp Manageengine Applications Manager 12.8 Zohocorp Manageengine Applications Manager 12.9 Zohocorp Manageengine Applications Manager 13 Zohocorp Manageengine Applications Manager 13.0 Zohocorp Manageengine Applications Manager 13.1 Zohocorp Manageengine Applications Manager 13.2 Zohocorp Manageengine Applications Manager 13.3 Zohocorp Manageengine Applications Manager 13.4 Zohocorp Manageengine Applications Manager 13.5 Zohocorp Manageengine Applications Manager 13.6 Zohocorp Manageengine Applications Manager 13.7 Zohocorp Manageengine Applications Manager 13.8 Zohocorp Manageengine Applications Manager 13.9 Zohocorp Manageengine Applications Manager 13.13820 Zohocorp Manageengine Applications Manager 14.0 Zohocorp Manageengine Applications Manager 14.1 Zohocorp Manageengine Applications Manager 14.2 Zohocorp Manageengine Applications Manager 14.3 Zohocorp Manageengine Applications Manager 14.4 Zohocorp Manageengine Applications Manager 14.5	175

References

https://www.manageengine.com/products/applications_manager/issues.html#v14550