Vulnerability Details CVE-2018-5339
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: insufficient enforcement of database query type restrictions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.025
EPSS Ranking 84.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://www.manageengine.com/products/desktop-central/query-restriction-bypass-vulnerability.html
- https://www.nccgroup.trust/uk/our-research/technical-advisory-multiple-vulnerabilities-in-manageengine-desktop-central/
- https://www.manageengine.com/products/desktop-central/query-restriction-bypass-vulnerability.html
- https://www.nccgroup.trust/uk/our-research/technical-advisory-multiple-vulnerabilities-in-manageengine-desktop-central/
Products affected by CVE-2018-5339
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.124
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.184