CVE Vulnerabilities

CVE-2014-0344

Published: Mar 29, 2014 | Modified: Jul 24, 2015
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.5 MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Properties.do in ZOHO ManageEngine OpStor before build 8500 does not properly check privilege levels, which allows remote authenticated users to obtain Admin access by using the name parameter in conjunction with a true value of the edit parameter.

Affected Software

Name Vendor Start Version End Version
Manageengine_opstor Zohocorp * 8.3

References