HTTP: ManageEngine NetFlow Analyzer Arbitrary File Download

This signature detects attempts to exploit a known vulnerability against Manage Engine NetFlow Analyzer. A successful exploit can lead to download arbitrary files from arbitrary locations on the server.

Extended Description

Multiple absolute path traversal vulnerabilities in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allow remote attackers or remote authenticated users to read arbitrary files via a full pathname in the schFilePath parameter to the (1) CSVServlet or (2) CReportPDFServlet servlet.

Affected Products

Zohocorp manageengine_netflow_analyzer

References

BugTraq: 71404

CVE: CVE-2014-5445

Short Name
HTTP:DIR:MNGE-ENGINE-FILE-DLD
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Analyzer Arbitrary CVE-2014-5445 Download File ManageEngine NetFlow bid:71404
Release Date
01/21/2015
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3761
False Positive
Unknown
Vendors

Zohocorp

CVSS Score

5.0

Found a potential security threat?