Vulnerabilities > CVE-2020-28653 - Unspecified vulnerability in Zohocorp Manageengine Opmanager
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Zoho ManageEngine OpManager Stable build before 125203 (and Released build before 125233) allows Remote Code Execution via the Smart Update Manager (SUM) servlet.
Vulnerable Configurations
References
- http://packetstormsecurity.com/files/164231/ManageEngine-OpManager-SumPDU-Java-Deserialization.html
- http://packetstormsecurity.com/files/164231/ManageEngine-OpManager-SumPDU-Java-Deserialization.html
- https://www.manageengine.com/network-monitoring/help/read-me-complete.html#125203
- https://www.manageengine.com/network-monitoring/help/read-me-complete.html#125203
- https://www.manageengine.com/network-monitoring/help/read-me-complete.html#125233
- https://www.manageengine.com/network-monitoring/help/read-me-complete.html#125233