What is CVE-2018-17283?

CVE-2018-17283 is a vulnerability in N/a. Published 2018-09-21.

Is CVE-2018-17283 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2018-17283

Zoho ManageEngine OpManager before 12.3 Build 123196 does not require authentication for /oputilsServlet requests, as demonstrated by a /oputilsServlet?action=getAPIKey request that can be leveraged against Firewall Analyzer to add an admi…

EPSS: 0.601 (99.0th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

www.manageengine.com/network-monitoring/help/read-me.html (x_refsource_MISC)
github.com/x-f1v3/ForCve/issues/4 (x_refsource_MISC)

Frequently asked questions

What is CVE-2018-17283?: CVE-2018-17283 is a vulnerability in N/a. Published 2018-09-21.
Is CVE-2018-17283 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.