| Short Name | HTTP:INFO-LEAK:CVE-2018-18980XE |
|---|---|
| Severity | Minor |
| Recommended | Yes |
| Recommended Action | Drop |
| Category | HTTP |
| Keywords | Zoho ManageEngine OpManager BusinessViewFlashImpl handleBVAction CVE-2018-18980 XXE Injection Information Disclosure |
| Release Date | 2019/02/25 |
| Update Number | 3145 |
| Supported Platforms | idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |

This signature detects attempts to exploit a known vulnerability against Zoho ManageEngine OpManager BusinessViewFlashImpl. Successful exploitation could allow the attacker to read arbitrary files from the target system.
An XML External Entity injection (XXE) vulnerability exists in Zoho ManageEngine Network Configuration Manager and OpManager before 12.3.214 via the RequestXML parameter in a /devices/ProcessRequest.do GET request. For example, the attacker can trigger the transmission of local files to an arbitrary remote FTP server.
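
For hosts that cannot sit behind the IDP signature, the same condition can be looked for in web access logs. The following is an added example, not the vendor's signature logic: it assumes Common Log Format, and the log lines, addresses, and `example.invalid` host are constructed. It flags GET requests to `/devices/ProcessRequest.do` whose `RequestXML` value carries a DTD declaration, including percent-encoding applied more than once.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote_plus

TARGET_PATH = "/devices/processrequest.do"   # endpoint named in the description
PARAM = "requestxml"                         # parameter named in the description
DTD_RE = re.compile(r"<!(DOCTYPE|ENTITY)\b", re.IGNORECASE)
EXTERNAL_RE = re.compile(r"\b(SYSTEM|PUBLIC)\b", re.IGNORECASE)
REQ_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def decode_layers(value, max_rounds=3):
    """Undo nested percent-encoding so double-encoded markup is still visible."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def inspect_line(line):
    """Return a finding for a ProcessRequest.do request whose RequestXML holds a DTD."""
    m = REQ_RE.search(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    if url.path.lower() != TARGET_PATH:
        return None
    # parse_qs removes one encoding layer; decode_layers removes any that remain.
    for name, values in parse_qs(url.query, keep_blank_values=True).items():
        if name.lower() != PARAM:
            continue
        for raw in values:
            xml = decode_layers(raw)
            hit = DTD_RE.search(xml)
            if hit:
                return {"client": line.split()[0],
                        "construct": hit.group(1).upper(),
                        "external_id": bool(EXTERNAL_RE.search(xml))}
    return None

def scan(lines):
    """Collect findings from an iterable of access-log lines."""
    return [f for f in map(inspect_line, lines) if f]

# Constructed sample log lines: benign, DTD with external ID, double-encoded DTD, other path.
SAMPLE_LOG = [
    '198.51.100.7 - - [25/Feb/2019:10:00:01 +0000] "GET /devices/ProcessRequest.do?RequestXML=%3Creq%3E%3Cop%3Elist%3C%2Fop%3E%3C%2Freq%3E HTTP/1.1" 200 512',
    '203.0.113.9 - - [25/Feb/2019:10:00:05 +0000] "GET /devices/ProcessRequest.do?RequestXML=%3C%21DOCTYPE%20r%20%5B%3C%21ENTITY%20e%20SYSTEM%20%22ftp%3A%2F%2Fexample.invalid%2F%22%3E%5D%3E%3Cr%2F%3E HTTP/1.1" 200 0',
    '203.0.113.10 - - [25/Feb/2019:10:00:09 +0000] "GET /devices/ProcessRequest.do?requestxml=%253C%2521DOCTYPE%2520r%253E%253Cr%252F%253E HTTP/1.1" 200 0',
    '198.51.100.8 - - [25/Feb/2019:10:00:12 +0000] "GET /api/other.do?RequestXML=%3C%21DOCTYPE%20r%3E HTTP/1.1" 404 0',
]
```

A hit with `external_id` set is the higher-priority case, since an external identifier is what lets the parser reach files or remote hosts. The check only surfaces attempts; it does not replace upgrading to 12.3.214 or later.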