CVE-2020-28679

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2020-28679
A vulnerability in the showReports module of Zoho ManageEngine Applications Manager before build 14550 allows authenticated attackers to execute a SQL injection via a crafted request.

8.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.5 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 8.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://www.manageengine.com/products/applications_manager/issues.html#v14550 Release Notes Vendor Advisory
https://www.manageengine.com/products/applications_manager/issues.html#v14550 Release Notes Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:zohocorp:manageengine_applications_manager:11.0:build11010:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.0:build11020:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.0:build11030:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.0:build11040:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.0:build11100:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.1:build11110:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.2:build11200:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.2:build11210:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.2:build11220:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.3:build11300:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.4:build11410:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.5:build11520:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.6:build11610:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.7:build11700:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.8:build11800:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.9:build11900:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.9:build11912:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.0:build12000:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.0:build12010:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.0:build12020:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.1:build12100:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.1:build12120:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.2:build12200:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.2:build12210:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.3:build12300:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.5:build12500:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.6:build12600:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.7:build12700:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.7:build12710:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.8:build12810:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.9:build12900:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.0:build13000:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.1:build13100:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.2:build13200:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.2:build13210:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.3:build13300:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.4:build13400:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.4:build13410:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.4:build13420:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.4:build13430:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.4:build13440:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.4:build13450:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.5:build13500:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.5:build13510:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.5:build13520:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.5:build13530:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.5:build13540:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.5:build13550:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.5:build13560:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.5:build13570:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.5:build13580:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.5:build13590:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.5:build13591:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.6:build13600:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.6:build13610:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.6:build13620:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.6:build13630:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.6:build13640:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.6:build13650:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.6:build13660:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.6:build13670:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.6:build13680:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.6:build13690:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7:build13700:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7:build13710:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7:build13720:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7:build13730:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7:build13740:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7:build13750:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7:build13760:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7:build13770:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7:build13780:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7:build13790:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.8:build13800:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.8:build13810:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.8:build13820:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.8:build13830:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.8:build13831:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.8:build13840:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.8:build13850:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.8:build13860:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.8:build13870:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.8:build13880:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.8:build13890:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.9:build13900:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.9:build13910:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.9:build13920:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.9:build13930:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.9:build13940:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.9:build13950:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.9:build13960:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.9:build13970:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.9:build13980:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.9:build13990:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14000:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14010:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14020:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14030:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14040:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14050:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14060:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14070:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14071:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14072:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14073:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14080:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14090:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.1:build14100:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.1:build14110:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.1:build14120:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.1:build14130:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.1:build14140:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.1:build14150:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.1:build14160:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.1:build14170:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.1:build14180:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.1:build14190:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.2:build14200:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.2:build14210:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.2:build14220:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.2:build14230:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.2:build14240:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.2:build14250:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.2:build14260:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.2:build14261:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.2:build14262:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.2:build14270:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.2:build14280:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.2:build14290:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.3:build14300:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.3:build14310:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.3:build14330:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.3:build14331:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.3:build14332:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.3:build14340:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.3:build14350:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.3:build14360:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.3:build14361:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.3:build14370:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.3:build14380:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.3:build14390:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.4:build14400:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.4:build14401:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.4:build14410:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.4:build14420:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.4:build14430:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.4:build14440:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.4:build14450:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.4:build14460:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.4:build14470:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.4:build14480:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.4:build14490:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.5:build14500:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.5:build14510:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.5:build14520:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.5:build14530:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.5:build14540:*:*:*:*:*:*
History

21 Nov 2024, 05:23

Type Values Removed Values Added
References () https://www.manageengine.com/products/applications_manager/issues.html#v14550 - Release Notes, Vendor Advisory () https://www.manageengine.com/products/applications_manager/issues.html#v14550 - Release Notes, Vendor Advisory
Information

Published : 2022-01-10 18:15

Updated : 2024-11-21 05:23

NVD link : CVE-2020-28679

Mitre link : CVE-2020-28679

CVE.ORG link : CVE-2020-28679

JSON object : View

Products Affected

zohocorp

  • manageengine_applications_manager
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')