CVE-2020-15594
Last modified
CVE-2020-15594 is a medium-severity vulnerability rated 4.3/10 on the CVSS scale. An SSRF issue was discovered in Zoho Application Control Plus before version 10.0.511. The mail gateway configuration feature allows an attacker to perform a scan in order to discover open ports on a machine as well as available machines on the network segment on which the instance of the product is deployed.. EPSS estimates a 1.77% chance of exploitation in the next 30 days.
Description
An SSRF issue was discovered in Zoho Application Control Plus before version 10.0.511. The mail gateway configuration feature allows an attacker to perform a scan in order to discover open ports on a machine as well as available machines on the network segment on which the instance of the product is deployed.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Zohocorp | Manageengine Application Control Plus | < 10.0.511 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-15594?
How severe is CVE-2020-15594?
How do I fix CVE-2020-15594?
Are you affected by CVE-2020-15594?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST