Schedule demo
 
 

CVE-2020-35765

Post Authenticated SQL Injection attack in ShowResource module of Mobile View.


Vulnerability Details
Impact CVSS V3 rating: 8.8 CRITICAL
Fixed 13 January 2021
Affected Builds Below 15000
Fixed in Version 15000 and above
Overview Post Authenticated SQL Injection attack in ShowResource module of Mobile View.
Recommended Fix Upgrade Applications Manager to version 15000 or above.

Description- Security Update - CVE-2020-35765 Database

Zoho ManageEngine Applications Manager through 14911 allows an authenticated SQL Injection via a crafted showresource request.

We recommend you to upgrade Applications Manager to version 15000 or above to fix this issue.


Source and Acknowledgements

Find out more about CVE-2020-35765 from CVE Directory and NIST NVD.

Reported by:
Researcher
Tenable Network Security

Need Help?

For clarification or corrections please contact our support team or email us at appmanager-support@manageengine.com

You're in great company