CVE-2020-11532 – ManageEngine DataSecurity Plus Xnode Enumeration
https://notcve.org/view.php?id=CVE-2020-11532
Zoho ManageEngine DataSecurity Plus prior to 6.0.1 uses default admin credentials to communicate with a DataEngine Xnode server. This allows an attacker to bypass authentication for this server and execute all operations in the context of admin user. Zoho ManageEngine DataSecurity Plus versiones anteriores a 6.0.1, utiliza credenciales de administrador predeterminadas para comunicarse con un servidor DataEngine Xnode. Esto permite a un atacante omitir la autenticación para este servidor y ejecutar todas las operaciones en el contexto del usuario administrador. ManageEngine DataSecurity Plus versions prior to 6.0.1 and ADAudit Plus versions prior to 6.0.3 suffer from an authentication bypass vulnerability. • http://packetstormsecurity.com/files/157609/ManageEngine-DataSecurity-Plus-Authentication-Bypass.html http://seclists.org/fulldisclosure/2020/May/28 https://pitstop.manageengine.com/portal/community/topic/upgrade-datasecurity-plus-to-the-build-6013-to-fix-security-issues - • CWE-1188: Initialization of a Resource with an Insecure Default •
CVE-2020-11531 – ManageEngine DataSecurity Plus Path Traversal / Code Execution
https://notcve.org/view.php?id=CVE-2020-11531
The DataEngine Xnode Server application in Zoho ManageEngine DataSecurity Plus prior to 6.0.1 does not validate the database schema name when handling a DR-SCHEMA-SYNC request. This allows an authenticated attacker to execute code in the context of the product by writing a JSP file to the webroot directory via directory traversal. La aplicación DataEngine Xnode Server en Zoho ManageEngine DataSecurity Plus versiones anteriores a 6.0.1, no comprueba el nombre del esquema de la base de datos al manejar una petición DR-SCHEMA-SYNC. Esto permite a un atacante autenticado ejecutar código en el contexto del producto al escribir un archivo JSP en el directorio webroot por medio de un salto de directorio. ManageEngine DataSecurity Plus versions prior to 6.0.1 and ADAudit Plus versions prior to 6.0.3 suffers from a path traversal vulnerability that can lead to remote code execution. • http://packetstormsecurity.com/files/157604/ManageEngine-DataSecurity-Plus-Path-Traversal-Code-Execution.html http://seclists.org/fulldisclosure/2020/May/27 https://pitstop.manageengine.com/portal/community/topic/upgrade-datasecurity-plus-to-the-build-6013-to-fix-security-issues • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2018-19118
https://notcve.org/view.php?id=CVE-2018-19118
Zoho ManageEngine ADAudit before 5.1 build 5120 allows remote attackers to cause a denial of service (stack-based buffer overflow) via the 'Domain Name' field when adding a new domain. Zoho ManageEngine ADAudit en versiones anteriores a la 5.1 build 5120 permite que atacantes remotos provoquen una denegación de servicio (desbordamiento de búfer basado en pila) mediante el campo "Domain Name" al añadir un nuevo dominio. • https://www.manageengine.com/products/active-directory-audit/adaudit-plus-release-notes.html • CWE-787: Out-of-bounds Write •
CVE-2018-10466
https://notcve.org/view.php?id=CVE-2018-10466
Zoho ManageEngine ADAudit Plus before 5.0.0 build 5100 allows blind SQL Injection. Zoho ManageEngine ADAudit Plus en versiones anteriores a la 5.0.0 build 5100 permite la inyección SQL ciega. • https://vulmon.com/vulnerabilitydetails?qid=CVE-2018-10466 https://www.manageengine.com/products/active-directory-audit/adaudit-plus-release-notes.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •