CVE-2018-20339

Beschreibung:
Zoho ManageEngine OpManager 12.3 before build 123239 allows XSS in the Notes column of the Alarms section.

CWE: CWE-79 CWE-787

CVSS-Bewertung
CVSS 2: MEDIUM – 4.3 (Version: 2.0)
CVSS 3: MEDIUM – 6.1 (Version: 3.0)

Links:

NVD – CVE-2018-20339
CVE – CVE-2018-20339

Link (max. 20) Quelle Tags
https://www.manageengine.com/network-monitoring/help/read-me.html MISC Release Notes Vendor Advisory VDB Entry
106302 BID Third Party Advisory VDB Entry VDB Entry
106333 BID Third Party Advisory VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-19-050-04 MISC US Government Resource Third Party Advisory VDB Entry
108538 BID Patch Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf CONFIRM Patch Third Party Advisory
DSA-4456 DEBIAN Mailing List Third Party Advisory
20190605 [SECURITY] [DSA 4456-1] exim4 security update BUGTRAQ Mailing List Third Party Advisory
GLSA-201906-01 GENTOO
[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit MLIST
108679 BID
openSUSE-SU-2019:1524 SUSE
http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html MISC
20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149) FULLDISC
http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html MISC
[oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2 MLIST
[oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2 MLIST
[oss-security] 20190726 Re: Statistics for distros lists updated for 2019Q2 MLIST
http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html MISC
[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim MLIST

Quelle: NVD – CVE-2018-20339
Datum Veröffentlichung: 2018-12-21T09:29Z, Datum letzte Änderung: 2021-05-04T15:07Z