VAR-201911-1328
Vulnerability from variot - Updated: 2023-12-18 13:23Incorrect file permissions on the packaged Nipper executable file in Zoho ManageEngine OpManager 12.4.072 and Firewall Analyzer 12.4.072 allow local users to elevate privileges to root by overwriting this file with a malicious payload. Zoho ManageEngine OpManager and Firewall Analyzer Contains a vulnerability with inappropriate default permissions.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both ZOHO ManageEngine OpManager and ZOHO ManageEngine Firewall Analyzer are products of ZOHO, an American company. ZOHO ManageEngine OpManager is a set of network, server and virtualization monitoring software. ZOHO ManageEngine Firewall Analyzer is a set of web-based firewall log analysis tools, which can collect, correlate, analyze and report logs on firewalls, proxy servers and Radius servers throughout the enterprise. There are security vulnerabilities in ZOHO ManageEngine OpManager version 12.4.072 and ZOHO ManageEngine Firewall Analyzer version 12.4.072
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201911-1328",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "manageengine firewall analyzer",
"scope": "eq",
"trust": 1.6,
"vendor": "zohocorp",
"version": "12.4"
},
{
"model": "manageengine opmanager",
"scope": "eq",
"trust": 1.6,
"vendor": "zohocorp",
"version": "12.4"
},
{
"model": "manageengine firewall analyzer",
"scope": "eq",
"trust": 0.8,
"vendor": "zoho",
"version": "12.4.072"
},
{
"model": "manageengine opmanager",
"scope": "eq",
"trust": 0.8,
"vendor": "zoho",
"version": "12.4.072"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012531"
},
{
"db": "NVD",
"id": "CVE-2019-17421"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1252"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.4:124072:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.4:build124072:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-17421"
}
]
},
"cve": "CVE-2019-17421",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2019-17421",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-149666",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-17421",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-17421",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201911-1252",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-149666",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-149666"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012531"
},
{
"db": "NVD",
"id": "CVE-2019-17421"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1252"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Incorrect file permissions on the packaged Nipper executable file in Zoho ManageEngine OpManager 12.4.072 and Firewall Analyzer 12.4.072 allow local users to elevate privileges to root by overwriting this file with a malicious payload. Zoho ManageEngine OpManager and Firewall Analyzer Contains a vulnerability with inappropriate default permissions.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both ZOHO ManageEngine OpManager and ZOHO ManageEngine Firewall Analyzer are products of ZOHO, an American company. ZOHO ManageEngine OpManager is a set of network, server and virtualization monitoring software. ZOHO ManageEngine Firewall Analyzer is a set of web-based firewall log analysis tools, which can collect, correlate, analyze and report logs on firewalls, proxy servers and Radius servers throughout the enterprise. There are security vulnerabilities in ZOHO ManageEngine OpManager version 12.4.072 and ZOHO ManageEngine Firewall Analyzer version 12.4.072",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-17421"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012531"
},
{
"db": "VULHUB",
"id": "VHN-149666"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-17421",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012531",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1252",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2020-28461",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-149666",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-149666"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012531"
},
{
"db": "NVD",
"id": "CVE-2019-17421"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1252"
}
]
},
"id": "VAR-201911-1328",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-149666"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:23:30.030000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CVE-2019-17421",
"trust": 0.8,
"url": "https://www.manageengine.com/products/firewall/security-updates/cve-2019-17421.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012531"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-276",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-149666"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012531"
},
{
"db": "NVD",
"id": "CVE-2019-17421"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.manageengine.com/products/firewall/security-updates/cve-2019-17421.html"
},
{
"trust": 1.7,
"url": "https://blog.vastart.dev/2019/11/cve-2019-17421-privilege-escalation.html"
},
{
"trust": 1.7,
"url": "https://twitter.com/va_start"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17421"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17421"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-149666"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012531"
},
{
"db": "NVD",
"id": "CVE-2019-17421"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1252"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-149666"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012531"
},
{
"db": "NVD",
"id": "CVE-2019-17421"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1252"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-21T00:00:00",
"db": "VULHUB",
"id": "VHN-149666"
},
{
"date": "2019-12-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-012531"
},
{
"date": "2019-11-21T15:15:14.790000",
"db": "NVD",
"id": "CVE-2019-17421"
},
{
"date": "2019-11-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1252"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-12-03T00:00:00",
"db": "VULHUB",
"id": "VHN-149666"
},
{
"date": "2019-12-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-012531"
},
{
"date": "2021-04-29T18:17:21.697000",
"db": "NVD",
"id": "CVE-2019-17421"
},
{
"date": "2019-12-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1252"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-1252"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zoho ManageEngine OpManager and Firewall Analyzer Inappropriate default permission vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012531"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-1252"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…