CVE-2016-9489 in Applications Managerالمعلومات

الملخص

بحسب MITRE

In ManageEngine Applications Manager 12 and 13, an authenticated user is able to alter all of their own properties, including own group, i.e. changing their group to one with higher privileges like "ADMIN". A user is also able to change properties of another user, e.g. change another user's password.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

حجز

21/11/2016

إفشاء

13/07/2018

الاعتدال

تمت الموافقة

إدخال

VDB-121457

CPE

جاهز

CWE

CWE-264 (مؤكد)

CVSS

8.8 (NVD)

EPSS

0.00285

KEV

لا

النشاطات

منخفض جدًا

القطاع

Industry, Hospital, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-9489
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-9489
CVE Details	https://www.cvedetails.com/cve/CVE-2016-9489/

التالي ▸نظرة عامة ◂ السابق

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!