Vulnerabilities > CVE-2020-24743 - Unspecified vulnerability in Zohocorp Manageengine Applications Manager

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

zohocorp

critical

NVD

Published: 2021-11-03

Updated: 2024-11-21

Summary

An issue was found in /showReports.do Zoho ManageEngine Applications Manager up to 14550, allows attackers to gain escalated privileges via the resourceid parameter.

Vulnerable Configurations

Part	Description	Count
Application	Zohocorp Zohocorp Manageengine Applications Manager 14.5 Zohocorp Manageengine Applications Manager 11.0 Zohocorp Manageengine Applications Manager 11.1 Zohocorp Manageengine Applications Manager 11.2 Zohocorp Manageengine Applications Manager 11.3 Zohocorp Manageengine Applications Manager 11.4 Zohocorp Manageengine Applications Manager 11.5 Zohocorp Manageengine Applications Manager 11.6 Zohocorp Manageengine Applications Manager 11.7 Zohocorp Manageengine Applications Manager 11.8 Zohocorp Manageengine Applications Manager 11.9 Zohocorp Manageengine Applications Manager 12.0 Zohocorp Manageengine Applications Manager 12.1 Zohocorp Manageengine Applications Manager 12.2 Zohocorp Manageengine Applications Manager 12.3 Zohocorp Manageengine Applications Manager 12.4 Zohocorp Manageengine Applications Manager 12.5 Zohocorp Manageengine Applications Manager 12.6 Zohocorp Manageengine Applications Manager 12.7 Zohocorp Manageengine Applications Manager 12.8 Zohocorp Manageengine Applications Manager 12.9 Zohocorp Manageengine Applications Manager 13 Zohocorp Manageengine Applications Manager 13.0 Zohocorp Manageengine Applications Manager 13.1 Zohocorp Manageengine Applications Manager 13.2 Zohocorp Manageengine Applications Manager 13.3 Zohocorp Manageengine Applications Manager 13.4 Zohocorp Manageengine Applications Manager 13.5 Zohocorp Manageengine Applications Manager 13.6 Zohocorp Manageengine Applications Manager 13.7 Zohocorp Manageengine Applications Manager 13.8 Zohocorp Manageengine Applications Manager 13.9 Zohocorp Manageengine Applications Manager 13.13820 Zohocorp Manageengine Applications Manager 14.0 Zohocorp Manageengine Applications Manager 14.1 Zohocorp Manageengine Applications Manager 14.2 Zohocorp Manageengine Applications Manager 14.3 Zohocorp Manageengine Applications Manager 14.4	292

Summary

Vulnerable Configurations

References