CVE-2020-15533
published 2020-10-01CVE-2020-15533: In Zoho ManageEngine Application Manager 14.7 Build 14730 (before 14684, and between 14689 and 14750), the AlarmEscalation module is vulnerable to…
PriorityP261critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
4.20%
89.7th percentile
In Zoho ManageEngine Application Manager 14.7 Build 14730 (before 14684, and between 14689 and 14750), the AlarmEscalation module is vulnerable to unauthenticated SQL Injection attack.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zohocorp | manageengine_applications_manager | < 14.6 | 14.6 |
| zohocorp | manageengine_applications_manager | — | — |
| zohocorp | manageengine_applications_manager | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 2
suricata·2018-08-22
CVE-2018-15533 ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 2
ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 2
Rule: alert http any any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 2"; flow:established,to_server; http.uri; content:"/images/IOMemoryPool.png?"; pcre:"/^[^&]+(?:s(?:cript|tyle\x3D)|on(?:mouse[a-z]|key[a-z]|load|unload|dragdrop|blur|focus|click|dblclick|submit|reset|select|change))/Ri"; reference:cve,2018-15533; reference:url,exploit-db.com/exploits/45242/; classtype:attempted-user; sid:2026010; rev:3; metadata:attack_target IoT, created_at 2018_08_22, cve CVE_2018_15533, deployment Datacenter, signature_severity Major, updated_at 2020_08_25;)
Suricata
ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 5
suricata·2018-08-22
CVE-2018-15533 ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 5
ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 5
Rule: alert http any any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 5"; flow:established,to_server; http.uri; content:"/images/MainMemoryPool.png?"; pcre:"/^[^&]+(?:s(?:cript|tyle\x3D)|on(?:mouse[a-z]|key[a-z]|load|unload|dragdrop|blur|focus|click|dblclick|submit|reset|select|change))/Ri"; reference:cve,2018-15533; reference:url,exploit-db.com/exploits/45242/; classtype:attempted-user; sid:2026013; rev:3; metadata:attack_target IoT, created_at 2018_08_22, cve CVE_2018_15533, deployment Datacenter, signature_severity Major, updated_at 2020_08_25;)
Suricata
ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 6
suricata·2018-08-22
CVE-2018-15533 ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 6
ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 6
Rule: alert http any any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 6"; flow:established,to_server; http.uri; content:"/images/ProcessMemory.png?"; pcre:"/^[^&]+(?:s(?:cript|tyle\x3D)|on(?:mouse[a-z]|key[a-z]|load|unload|dragdrop|blur|focus|click|dblclick|submit|reset|select|change))/Ri"; reference:cve,2018-15533; reference:url,exploit-db.com/exploits/45242/; classtype:attempted-user; sid:2026014; rev:3; metadata:attack_target IoT, created_at 2018_08_22, cve CVE_2018_15533, deployment Datacenter, signature_severity Major, updated_at 2020_08_25;)
Suricata
ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 3
suricata·2018-08-22
CVE-2018-15533 ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 3
ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 3
Rule: alert http any any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 3"; flow:established,to_server; http.uri; content:"/images/Statistics.png?"; pcre:"/^[^&]+(?:s(?:cript|tyle\x3D)|on(?:mouse[a-z]|key[a-z]|load|unload|dragdrop|blur|focus|click|dblclick|submit|reset|select|change))/Ri"; reference:cve,2018-15533; reference:url,exploit-db.com/exploits/45242/; classtype:attempted-user; sid:2026011; rev:3; metadata:attack_target IoT, created_at 2018_08_22, cve CVE_2018_15533, deployment Datacenter, signature_severity Major, updated_at 2020_08_25;)
Suricata
ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 4
suricata·2018-08-22
CVE-2018-15533 ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 4
ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 4
Rule: alert http any any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 4"; flow:established,to_server; http.uri; content:"/images/GLIBBackground.jpg?"; pcre:"/^[^&]+(?:s(?:cript|tyle\x3D)|on(?:mouse[a-z]|key[a-z]|load|unload|dragdrop|blur|focus|click|dblclick|submit|reset|select|change))/Ri"; reference:cve,2018-15533; reference:url,exploit-db.com/exploits/45242/; classtype:attempted-user; sid:2026012; rev:3; metadata:attack_target IoT, created_at 2018_08_22, cve CVE_2018_15533, deployment Datacenter, signature_severity Major, updated_at 2020_08_25;)
Suricata
ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 1
suricata·2018-08-22
CVE-2018-15533 ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 1
ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 1
Rule: alert http any any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 1"; flow:established,to_server; http.uri; content:"/modifychannel/exec?"; pcre:"/^[^&]+(?:s(?:cript|tyle\x3D)|on(?:mouse[a-z]|key[a-z]|load|unload|dragdrop|blur|focus|click|dblclick|submit|reset|select|change))/Ri"; reference:cve,2018-15533; reference:url,exploit-db.com/exploits/45242/; classtype:attempted-user; sid:2026009; rev:3; metadata:attack_target IoT, created_at 2018_08_22, cve CVE_2018_15533, deployment Datacenter, signature_severity Major, updated_at 2020_08_25;)
No public exploits indexed.
No writeups or analysis indexed.
https://www.manageengine.comhttps://www.manageengine.com/products/applications_manager/issues.html#v14750https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2020-15533.htmlhttps://www.manageengine.comhttps://www.manageengine.com/products/applications_manager/issues.html#v14750https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2020-15533.html
2020-10-01
Published