CVE-2014-7863

high-risk
Published 2020-02-08

The FailOverHelperServlet (aka FailServlet) servlet in ZOHO ManageEngine Applications Manager before 11.9 build 11912, OpManager 8 through 11.5 build 11400, and IT360 10.5 and earlier does not properly restrict access, which allows remote attackers and remote authenticated users to (1) read arbitrary files via the fileName parameter in a copyfile operation or (2) obtain sensitive information via a directory listing in a listdirectory operation to servlet/FailOverHelperServlet.

Do I need to act?

!
88.9% chance of exploitation in next 30 days
EPSS score — higher than 11% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
!
1 public exploit available
43894
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / LOW complexity

Affected Products (3)

Affected Vendors

Zohocorp

References (12)

Exploit http://packetstormsecurity.com/files/130162/ManageEngine-File-Download-Content-D...
Exploit http://seclists.org/fulldisclosure/2015/Jan/114
Broken Link http://www.securityfocus.com/archive/1/archive/1/534575/100/0/threaded
Third Party Advisory https://exchange.xforce.ibmcloud.com/vulnerabilities/100554
Broken Link https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_failservlet....
Exploit https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerabilities...
Exploit http://packetstormsecurity.com/files/130162/ManageEngine-File-Download-Content-D...
Exploit http://seclists.org/fulldisclosure/2015/Jan/114
Broken Link http://www.securityfocus.com/archive/1/archive/1/534575/100/0/threaded
Third Party Advisory https://exchange.xforce.ibmcloud.com/vulnerabilities/100554
Broken Link https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_failservlet....
Exploit https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerabilities...
55
/ 100
high-risk
Severity 26/34 · High
Exploitability 20/34 · Moderate
Exposure 9/34 · Low