Zoho ManageEngine O365 Manager Plus up to 4415 ChangeDBAPI Privilege Escalation

A vulnerability classified as critical has been found in Zoho ManageEngine O365 Manager Plus up to 4415. This affects an unknown function of the component ChangeDBAPI. Upgrading to version 4416 eliminates this vulnerability. The upgrade is hosted for download at manageengine.com.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

020
119

Field

source_cve_nvd_summary1
exploit_price_0day1
vulnerability_cvss3_meta_tempscore1
vulnerability_cvss3_meta_basescore1
vulnerability_cvss3_vuldb_tempscore1

Commit Conf

90%26
50%12
70%1

Approve Conf

90%26
80%12
70%1
IDCommitedUserFieldChangeRemarksAcceptedReasonC
1205015201/15/2022VulD...cve_nvd_summaryZoho ManageEngine O365 Manager Plus before Build 4416 allows remote code execution via BCP file overwrite through the ChangeDBAPI component.cve.mitre.org01/15/2022accepted
70
1203714701/12/2022VulD...price_0day$0-$5ksee exploit price documentation01/12/2022accepted
90
1203714601/12/2022VulD...cvss3_meta_tempscore6.0see CVSS documentation01/12/2022accepted
90
1203714501/12/2022VulD...cvss3_meta_basescore6.3see CVSS documentation01/12/2022accepted
90
1203714401/12/2022VulD...cvss3_vuldb_tempscore6.0see CVSS documentation01/12/2022accepted
90
1203714301/12/2022VulD...cvss3_vuldb_basescore6.3see CVSS documentation01/12/2022accepted
90
1203714201/12/2022VulD...cvss2_vuldb_tempscore5.7see CVSS documentation01/12/2022accepted
90
1203714101/12/2022VulD...cvss2_vuldb_basescore6.5see CVSS documentation01/12/2022accepted
90
1203714001/12/2022VulD...cvss3_vuldb_eXderived from historical data01/12/2022accepted
80
1203713901/12/2022VulD...cvss3_vuldb_uiNderived from historical data01/12/2022accepted
80
1203713801/12/2022VulD...cvss3_vuldb_prLderived from historical data01/12/2022accepted
80
1203713701/12/2022VulD...cvss2_vuldb_eNDderived from historical data01/12/2022accepted
80
1203713601/12/2022VulD...cvss2_vuldb_auSderived from historical data01/12/2022accepted
80
1203713501/12/2022VulD...cvss2_vuldb_rlOFderived from vuldb v3 vector01/12/2022accepted
80
1203713401/12/2022VulD...cvss2_vuldb_rcCderived from vuldb v3 vector01/12/2022accepted
80
1203713301/12/2022VulD...cvss2_vuldb_aiPderived from vuldb v3 vector01/12/2022accepted
80
1203713201/12/2022VulD...cvss2_vuldb_iiPderived from vuldb v3 vector01/12/2022accepted
80
1203713101/12/2022VulD...cvss2_vuldb_ciPderived from vuldb v3 vector01/12/2022accepted
80
1203713001/12/2022VulD...cvss2_vuldb_acLderived from vuldb v3 vector01/12/2022accepted
80
1203712901/12/2022VulD...cvss2_vuldb_avNderived from vuldb v3 vector01/12/2022accepted
80

19 more entries are not shown

Do you want to use VulDB in your project?

Use the official API to access entries easily!