{ "id": "CVE-2020-35594", "sourceIdentifier": "cve@mitre.org", "published": "2021-03-05T17:15:14.187", "lastModified": "2021-03-11T21:58:47.617", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Zoho ManageEngine ADManager Plus before 7066 allows XSS." }, { "lang": "es", "value": "Zoho ManageEngine ADManager Plus versiones anteriores a 7066, permite un ataque de tipo XSS" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 2.8, "impactScore": 2.7 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE", "baseScore": 4.3 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-79" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:*", "versionEndExcluding": "7.0", "matchCriteriaId": "1B2428F5-265B-4081-89E6-EAE2732B3E41" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:-:*:*:*:*:*:*", "matchCriteriaId": "E6162E29-CDBE-4AE0-8160-C4D6A99BFE35" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7000:*:*:*:*:*:*", "matchCriteriaId": "4DE6724F-80AA-4B3E-8CF1-1158F6C98AEA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7010:*:*:*:*:*:*", "matchCriteriaId": "A4D9B6E0-47A7-48D1-AF6A-A8512475ABD6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7011:*:*:*:*:*:*", "matchCriteriaId": "FFD7E625-FAA2-4452-9E18-5E4A61A93FDD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7020:*:*:*:*:*:*", "matchCriteriaId": "8504DAE3-6CD9-4640-9EB1-CB304DB79BE9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7030:*:*:*:*:*:*", "matchCriteriaId": "F42110FC-D21E-439E-BB8C-45C03F639CCC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7040:*:*:*:*:*:*", "matchCriteriaId": "612E5D11-83D1-4E80-B7A4-57F61690DFCB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7041:*:*:*:*:*:*", "matchCriteriaId": "C89C31C7-3196-47CD-9A9D-0761CEEB04E5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7050:*:*:*:*:*:*", "matchCriteriaId": "821C24DA-1C22-43ED-AD67-E947D323A3A0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7051:*:*:*:*:*:*", "matchCriteriaId": "FAFEF7B6-4B56-42C8-958B-E0B677F5D150" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7052:*:*:*:*:*:*", "matchCriteriaId": "43CEBA06-F115-41E9-8B3E-C004528340A5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7053:*:*:*:*:*:*", "matchCriteriaId": "E398D48C-AD94-4E84-9E3A-28A8586B3112" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7054:*:*:*:*:*:*", "matchCriteriaId": "3D042A11-638F-4485-A753-ACF2BE92D900" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7055:*:*:*:*:*:*", "matchCriteriaId": "6A08DCBD-FB40-4E8D-AA29-E4CA4811FB1A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7056:*:*:*:*:*:*", "matchCriteriaId": "EDEB04D2-0804-49D3-9594-7E71D6ED0710" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7060:*:*:*:*:*:*", "matchCriteriaId": "8677DEC0-07FA-4E46-9EB6-B5BD84CA7128" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7061:*:*:*:*:*:*", "matchCriteriaId": "9A5D33D3-6A4C-4E31-9F3B-3280DF70DF24" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7062:*:*:*:*:*:*", "matchCriteriaId": "E53B4C3C-7D4B-447B-AA00-E8542071C751" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7063:*:*:*:*:*:*", "matchCriteriaId": "6A4BB301-D085-46DF-9C96-B4DE040BA033" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7064:*:*:*:*:*:*", "matchCriteriaId": "F39F4354-815C-490C-AE8E-670148FE893F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7065:*:*:*:*:*:*", "matchCriteriaId": "A7D0D80C-3267-4D13-83DE-344BCF1FF39D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7066:*:*:*:*:*:*", "matchCriteriaId": "1D2E1C9F-D239-41BE-B924-E57D30923877" } ] } ] } ], "references": [ { "url": "https://www.manageengine.com/products/ad-manager/release-notes.html#7066", "source": "cve@mitre.org", "tags": [ "Release Notes", "Vendor Advisory" ] } ] }