CVE-2021-20078
Scores
EPSS
0.552medium55.2%
0%20%40%60%80%100%
Percentile: 55.2%
CVSS
9.1critical3.x
0246810
CVSS Score: 9.1/10
All CVSS Scores
CVSS 3.x
9.1Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Vector Breakdown
CVSS (Common Vulnerability Scoring System) vector provides detailed metrics about vulnerability characteristics
CVSS
Attack Vector
Network (N)
Describes how the vulnerability is exploited
AV:N
Attack Complexity
Low (L)
Describes the conditions beyond the attacker's control
AC:L
Privileges Required
None (N)
Describes the level of privileges an attacker must possess
PR:N
User Interaction
None (N)
Captures the requirement for a human user participation
UI:N
Scope
Unchanged (U)
Determines if a successful attack impacts components beyond the vulnerable component
S:U
Confidentiality Impact
None (N)
Measures the impact to the confidentiality of information
C:N
Integrity Impact
High (H)
Measures the impact to integrity of a successfully exploited vulnerability
I:H
Availability Impact
High (H)
Measures the impact to the availability of the impacted component
A:H
CVSS 2.0
9.4Vector: AV:N/AC:L/Au:N/C:N/I:C/A:C
Vector Breakdown
CVSS (Common Vulnerability Scoring System) vector provides detailed metrics about vulnerability characteristics
CVSS
Attack Vector
Network (N)
Describes how the vulnerability is exploited
AV:N
Attack Complexity
Low (L)
Describes the conditions beyond the attacker's control
AC:L
Authentication
None (N)
Describes the level of privileges an attacker must possess
Au:N
Confidentiality Impact
None (N)
Measures the impact to the confidentiality of information
C:N
Integrity Impact
Complete
Measures the impact to integrity of a successfully exploited vulnerability
I:C
Availability Impact
Complete
Measures the impact to the availability of the impacted component
A:C
Description
Manage Engine OpManager builds below 125346 are vulnerable to a remote denial of service vulnerability due to a path traversal issue in spark gateway component. This allows a remote attacker to remotely delete any directory or directories on the OS.
Scaner-VS 7 — a modern vulnerability management solution
Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7Sources
nvd
CWEs
CWE-22
Vulnerable Software (1)
Type: Configuration
Vendor: *
Product: manageengine_opmanager
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:*", "versionEndExcluding": "12.5", "vulnerable": true }, { "cpe23uri": "cp...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:*", "versionEndExcluding": "12.5", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125000:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125002:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125100:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125101:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125102:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125108:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125110:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125111:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125112:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125113:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125114:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125116:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125117:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125118:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125120:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125121:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125123:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125124:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125125:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125136:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125137:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125139:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125140:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125143:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125144:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125145:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125156:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125157:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125158:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125159:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125161:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125163:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125174:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125175:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125176:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125177:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125178:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125180:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125181:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125192:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125193:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125194:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125195:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125196:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125197:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125198:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125201:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125204:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125212:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125213:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125214:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125215:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125216:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125228:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125229:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125230:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125231:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125232:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125233:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125312:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125323:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125324:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125326:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125328:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125329:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125340:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125341:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125342:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125343:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.5:build125344:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
End of list