First published: Wed Sep 26 2018(Updated: )
A serialization vulnerability in Zoho ManageEngine Applications Manager before build 13740 allows for remote code execution on Windows via a payload on an SMB share.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zohocorp ManageEngine Applications Manager | =13.7 | |
Zohocorp ManageEngine Applications Manager | =13.7-build13700 | |
Zohocorp ManageEngine Applications Manager | =13.7-build13710 | |
Zohocorp ManageEngine Applications Manager | =13.7-build13720 | |
Zohocorp ManageEngine Applications Manager | =13.7-build13730 | |
Zohocorp ManageEngine Applications Manager | =13.7-build13750 | |
Zohocorp ManageEngine Applications Manager | =13.7-build13760 | |
Zohocorp ManageEngine Applications Manager | =13.7-build13770 | |
Zohocorp ManageEngine Applications Manager | =13.7-build13780 | |
Zohocorp ManageEngine Applications Manager | =13.7-build13790 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-16364 is a serialization vulnerability in Zoho ManageEngine Applications Manager before build 13740.
CVE-2018-16364 allows for remote code execution on Windows via a payload on an SMB share.
CVE-2018-16364 has a severity rating of 8.1 (High).
Zoho ManageEngine Applications Manager versions 13.7 to build 13740 are affected by CVE-2018-16364.
To fix CVE-2018-16364, users should update to Zoho ManageEngine Applications Manager build 13740 or later.