CVE-2014-6036

Directory traversal vulnerability in the multipartRequest servlet in ZOHO ManageEngine OpManager 11.3 and earlier, Social IT Plus 11.0, and IT360 10.3, 10.4, and earlier allows remote attackers or remote authenticated users to delete arbitrary files via a .. (dot dot) in the fileName parameter.

CVSS v2.0 6.4 MEDIUM

6.4^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:P

Exploitability : 10.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://seclists.org/fulldisclosure/2014/Sep/110	Exploit
https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_opmanager_socialit_it360.txt	Exploit
https://support.zoho.com/portal/manageengine/helpcenter/articles/servlet-vulnerability-fix	Patch
http://seclists.org/fulldisclosure/2014/Sep/110	Exploit
https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_opmanager_socialit_it360.txt	Exploit
https://support.zoho.com/portal/manageengine/helpcenter/articles/servlet-vulnerability-fix	Patch

Configurations

Configuration 1 (hide)

cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:a:zohocorp:manageengine_it360::::::::
	cpe:2.3:a:zohocorp:manageengine_it360:10.3.0:::::::*

Configuration 3 (hide)

cpe:2.3:a:zohocorp:manageengine_social_it_plus:11.0:*:*:*:*:*:*:*

History

21 Nov 2024, 02:13

Type	Values Removed	Values Added
References	~~() http://seclists.org/fulldisclosure/2014/Sep/110 - Exploit~~	() http://seclists.org/fulldisclosure/2014/Sep/110 - Exploit
References	~~() https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_opmanager_socialit_it360.txt - Exploit~~	() https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_opmanager_socialit_it360.txt - Exploit
References	~~() https://support.zoho.com/portal/manageengine/helpcenter/articles/servlet-vulnerability-fix - Patch~~	() https://support.zoho.com/portal/manageengine/helpcenter/articles/servlet-vulnerability-fix - Patch

Information

Published : 2014-12-04 17:59

Updated : 2025-04-12 10:46

NVD link : CVE-2014-6036

Mitre link : CVE-2014-6036

CVE.ORG link : CVE-2014-6036

JSON object : View

Products Affected

zohocorp

manageengine_it360
manageengine_opmanager
manageengine_social_it_plus

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2014-6036", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-12-04T17:59:04.673", "references": [{"url": "http://seclists.org/fulldisclosure/2014/Sep/110", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_opmanager_socialit_it360.txt", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/servlet-vulnerability-fix", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2014/Sep/110", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_opmanager_socialit_it360.txt", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/servlet-vulnerability-fix", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the multipartRequest servlet in ZOHO ManageEngine OpManager 11.3 and earlier, Social IT Plus 11.0, and IT360 10.3, 10.4, and earlier allows remote attackers or remote authenticated users to delete arbitrary files via a .. (dot dot) in the fileName parameter."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en el servlet multipartRequest en ZOHO ManageEngine OpManager 11.3 y anteriores, Social IT Plus 11.0, y IT360 10.3, 10.4, anteriores permite a atacantes remotos o usuarios remotos autenticados eliminar ficheros arbitrarios a trav\u00e9s de un .. (punto punto) en el par\u00e1metro fileName."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66913D18-7CFF-4375-9FAB-3DB0D8802CB4", "versionEndIncluding": "11.3"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:zohocorp:manageengine_it360:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FA5A84F-8B14-4BC4-8CBD-37178AE42DB8", "versionEndIncluding": "10.4"}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_it360:10.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9176D056-7350-4371-8F7E-87C2521EEBF2"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:zohocorp:manageengine_social_it_plus:11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B68292A0-79E4-4CEE-844E-05342994E534"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}

6.4 /10