You are viewing this page in an unauthorized frame window.
This is a potential security issue, you are being redirected to
https://nvd.nist.gov
An official website of the United States government
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock () or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
OR
*cpe:2.3:a:zohocorp:log360:*:*:*:*:*:*:*:* versions up to (including) 5.2.2
*cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:*:*:*:*:*:*:*:* versions up to (including) 4.1.1.7
Added
CPE Configuration
OR
*cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:*:*:*:*:*:*:*:* versions up to (excluding) 4.1
*cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:-:*:*:*:*:*:*
*cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:build4110:*:*:*:*:*:*
*cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:build4111:*:*:*:*:*:*
*cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:build4112:*:*:*:*:*:*
*cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:build4113:*:*:*:*:*:*
*cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:build4115:*:*:*:*:*:*
*cpe:2.3:a:zohocorp:manageengine_cloud_security_plus:4.1:build4116:*:*:*:*:*:*
Added
CVSS V2
NIST (AV:N/AC:L/Au:S/C:P/I:P/A:P)
Added
CVSS V3.1
NIST AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Added
CWE
NIST CWE-434
Changed
Reference Type
https://sahildhar.github.io/blogpost/Zoho-ManageEngine-CloudSecurityPlus-Remote-Code-Execution-via-Security-Misconfiguration/ No Types Assigned