An issue was discovered in ZOHO ManageEngine OpManager 12.2. An authenticated user can upload any file they want to share in the "Group Chat" or "Alarm" section. This functionality can be abused by a malicious user by uploading a web shell.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-05-23T15:32:59
Updated: 2024-08-05T18:12:40.382Z
Reserved: 2017-07-22T00:00:00
Link: CVE-2017-11561
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-05-23T16:29:08.073
Modified: 2024-11-21T03:08:01.430
Link: CVE-2017-11561
Redhat
No data.