Vulnerability Details : CVE-2020-11518
Zoho ManageEngine ADSelfService Plus before 5815 allows unauthenticated remote code execution.
Vulnerability category: Execute code
Products affected by CVE-2020-11518
- cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:*:*:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5800:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5801:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5802:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5803:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5804:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5805:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5806:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5807:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5808:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:-:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5809:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5810:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5811:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5812:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5813:*:*:*:*:*:*
- cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5814:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-11518
0.73%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 81 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-11518
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
References for CVE-2020-11518
-
https://pitstop.manageengine.com/portal/community/topic/adselfservice-plus-5815-released-with-an-important-security-fix
ADSelfService Plus 5815 released with an important security fixVendor Advisory
Jump to