An issue was discovered in Zoho Application Control Plus before version 10.0.511. The Element Configuration feature (to configure elements included in the scope of elements managed by the product) allows an attacker to retrieve the entire list of the IP ranges and subnets configured in the product and consequently obtain information about the cartography of the internal networks to which the product has access.
History

Wed, 18 Dec 2024 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Zohocorp manageengine Application Control Plus
CPEs cpe:2.3:a:zohocorp:application_control_plus:*:*:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_application_control_plus:*:*:*:*:*:*:*:*
Vendors & Products Zohocorp application Control Plus
Zohocorp manageengine Application Control Plus

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-09-29T12:56:55

Updated: 2024-08-04T13:22:30.656Z

Reserved: 2020-07-07T00:00:00

Link: CVE-2020-15595

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-09-30T18:15:22.413

Modified: 2024-12-18T14:34:36.427

Link: CVE-2020-15595

cve-icon Redhat

No data.