An issue was discovered in Zoho Application Control Plus before version 10.0.511. The Element Configuration feature (to configure elements included in the scope of elements managed by the product) allows an attacker to retrieve the entire list of the IP ranges and subnets configured in the product and consequently obtain information about the cartography of the internal networks to which the product has access.
Metrics
Affected Vendors & Products
References
History
Wed, 18 Dec 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Zohocorp manageengine Application Control Plus
|
|
CPEs | cpe:2.3:a:zohocorp:manageengine_application_control_plus:*:*:*:*:*:*:*:* | |
Vendors & Products |
Zohocorp application Control Plus
|
Zohocorp manageengine Application Control Plus
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-09-29T12:56:55
Updated: 2024-08-04T13:22:30.656Z
Reserved: 2020-07-07T00:00:00
Link: CVE-2020-15595
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-09-30T18:15:22.413
Modified: 2024-12-18T14:34:36.427
Link: CVE-2020-15595
Redhat
No data.