Zoho ManageEngine O365 Manager Plus up to 4415 ChangeDBAPI Privilege Escalation

EntryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical has been found in Zoho ManageEngine O365 Manager Plus up to 4415. This affects an unknown function of the component ChangeDBAPI. Upgrading to version 4416 eliminates this vulnerability. The upgrade is hosted for download at manageengine.com.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

0	20
1	19

Field

source_cve_nvd_summary	1
exploit_price_0day	1
vulnerability_cvss3_meta_tempscore	1
vulnerability_cvss3_meta_basescore	1
vulnerability_cvss3_vuldb_tempscore	1

Commit Conf

90%	26
50%	12
70%	1

Approve Conf

90%	26
80%	12
70%	1

ID	Commited	User	Field	Change	Remarks	Accepted	Reason	C
12050152	01/15/2022	VulD...	cve_nvd_summary	Zoho ManageEngine O365 Manager Plus before Build 4416 allows remote code execution via BCP file overwrite through the ChangeDBAPI component.	cve.mitre.org	01/15/2022	accepted	70
12037147	01/12/2022	VulD...	price_0day	$0-$5k	see exploit price documentation	01/12/2022	accepted	90
12037146	01/12/2022	VulD...	cvss3_meta_tempscore	6.0	see CVSS documentation	01/12/2022	accepted	90
12037145	01/12/2022	VulD...	cvss3_meta_basescore	6.3	see CVSS documentation	01/12/2022	accepted	90
12037144	01/12/2022	VulD...	cvss3_vuldb_tempscore	6.0	see CVSS documentation	01/12/2022	accepted	90
12037143	01/12/2022	VulD...	cvss3_vuldb_basescore	6.3	see CVSS documentation	01/12/2022	accepted	90
12037142	01/12/2022	VulD...	cvss2_vuldb_tempscore	5.7	see CVSS documentation	01/12/2022	accepted	90
12037141	01/12/2022	VulD...	cvss2_vuldb_basescore	6.5	see CVSS documentation	01/12/2022	accepted	90
12037140	01/12/2022	VulD...	cvss3_vuldb_e	X	derived from historical data	01/12/2022	accepted	80
12037139	01/12/2022	VulD...	cvss3_vuldb_ui	N	derived from historical data	01/12/2022	accepted	80
12037138	01/12/2022	VulD...	cvss3_vuldb_pr	L	derived from historical data	01/12/2022	accepted	80
12037137	01/12/2022	VulD...	cvss2_vuldb_e	ND	derived from historical data	01/12/2022	accepted	80
12037136	01/12/2022	VulD...	cvss2_vuldb_au	S	derived from historical data	01/12/2022	accepted	80
12037135	01/12/2022	VulD...	cvss2_vuldb_rl	OF	derived from vuldb v3 vector	01/12/2022	accepted	80
12037134	01/12/2022	VulD...	cvss2_vuldb_rc	C	derived from vuldb v3 vector	01/12/2022	accepted	80
12037133	01/12/2022	VulD...	cvss2_vuldb_ai	P	derived from vuldb v3 vector	01/12/2022	accepted	80
12037132	01/12/2022	VulD...	cvss2_vuldb_ii	P	derived from vuldb v3 vector	01/12/2022	accepted	80
12037131	01/12/2022	VulD...	cvss2_vuldb_ci	P	derived from vuldb v3 vector	01/12/2022	accepted	80
12037130	01/12/2022	VulD...	cvss2_vuldb_ac	L	derived from vuldb v3 vector	01/12/2022	accepted	80
12037129	01/12/2022	VulD...	cvss2_vuldb_av	N	derived from vuldb v3 vector	01/12/2022	accepted	80

19 more entries are not shown

🔒 Login Required

You need to signup and login to see more of the remaining 19 results.

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!