CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-11532

Zoho ManageEngine DataSecurity Plus prior to 6.0.1 uses default admin credentials to communicate with a DataEngine Xnode server. This allows an attacker to bypass authentication for this server and execute all operations in the context of admin user.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.905

EPSS Ranking 99.6%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

Products affected by CVE-2020-11532

Zohocorp » Manageengine Adaudit Plus » Version: N/A

cpe:2.3:a:zohocorp:manageengine_adaudit_plus:-
Zohocorp » Manageengine Adaudit Plus » Version: 4.1.0

cpe:2.3:a:zohocorp:manageengine_adaudit_plus:4.1.0
Zohocorp » Manageengine Adaudit Plus » Version: 4.5.0

cpe:2.3:a:zohocorp:manageengine_adaudit_plus:4.5.0
Zohocorp » Manageengine Adaudit Plus » Version: 5.0.0

cpe:2.3:a:zohocorp:manageengine_adaudit_plus:5.0.0
Zohocorp » Manageengine Adaudit Plus » Version: 5.1

cpe:2.3:a:zohocorp:manageengine_adaudit_plus:5.1
Zohocorp » Manageengine Adaudit Plus » Version: 6.0

cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0
Zohocorp » Manageengine Adaudit Plus » Version: 6.0.1

cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0.1
Zohocorp » Manageengine Datasecurity Plus » Version: N/A

cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:-
Zohocorp » Manageengine Datasecurity Plus » Version: 4.0

cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:4.0
Zohocorp » Manageengine Datasecurity Plus » Version: 4.1

cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:4.1
Zohocorp » Manageengine Datasecurity Plus » Version: 4.2

cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:4.2
Zohocorp » Manageengine Datasecurity Plus » Version: 4.3

cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:4.3
Zohocorp » Manageengine Datasecurity Plus » Version: 5.0

cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:5.0
Zohocorp » Manageengine Datasecurity Plus » Version: 6.0

cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-11532

Products

Pricing

Contact Us