CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-15594

An SSRF issue was discovered in Zoho Application Control Plus before version 10.0.511. The mail gateway configuration feature allows an attacker to perform a scan in order to discover open ports on a machine as well as available machines on the network segment on which the instance of the product is deployed.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 56.5%

CVSS Severity

CVSS v3 Score 4.3

CVSS v2 Score 4.0

References

Products affected by CVE-2020-15594

Zohocorp » Manageengine Application Control Plus » Version: 10.0.504

cpe:2.3:a:zohocorp:manageengine_application_control_plus:10.0.504
Zohocorp » Manageengine Application Control Plus » Version: 10.0.505

cpe:2.3:a:zohocorp:manageengine_application_control_plus:10.0.505
Zohocorp » Manageengine Application Control Plus » Version: 10.0.506

cpe:2.3:a:zohocorp:manageengine_application_control_plus:10.0.506
Zohocorp » Manageengine Application Control Plus » Version: 10.0.510

cpe:2.3:a:zohocorp:manageengine_application_control_plus:10.0.510

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-15594

Products

Pricing

Contact Us