An issue was discovered in Zoho ManageEngine Exchange Reporter Plus before build number 5510, AD360 before build number 4228, ADSelfService Plus before build number 5817, DataSecurity Plus before build number 6033, RecoverManager Plus before build number 6017, EventLog Analyzer before build number 12136, ADAudit Plus before build number 6052, O365 Manager Plus before build number 4334, Cloud Security Plus before build number 4110, ADManager Plus before build number 7055, and Log360 before build number 5166. The remotely accessible Java servlet com.manageengine.ads.fw.servlet.UpdateProductDetails is prone to an authentication bypass. System integration properties can be modified and lead to full ManageEngine suite compromise.
総合評価: CVE-2020-24786 は高リスク(77.7/100)。CVSS 深刻度は重大。悪用される可能性が高い(EPSS 12.82%、96 パーセンタイル) 根拠: EPSS 上、短期間での悪用可能性は高い水準です。 直近 1 日で EPSS が +6.04% 上昇。悪用への関心が高まっている可能性があります。 推奨対応: 悪用可能性が高いため、影響範囲の確認と修補の優先付けを推奨します。
リスクは変動します。再評価に基づき、本ページの表示内容を更新しています。
EPSS は日次で悪用されやすさの相対度合いを推定します。パーセンタイルは採点済み CVE の中での相対位置(高いほど相対的に深刻)を示します。
| # | 日付 | 旧 EPSS スコア | 新 EPSS スコア | Δ(新 − 旧) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 6.78% | 12.82% | +6.04% |
| 2 | 2026-03-04 | 2.12% | 6.78% | +4.66% |
| 3 | 2026-03-01 | — | 2.12% | — |
EPSS の全履歴 (全 51 件)
この CVE の CVSS 指標。
| ベーススコア | バージョン | 深刻度 | ベクトル | 悪用しやすさ | 影響 | スコアの出典 |
|---|---|---|---|---|---|---|
| 9.8 | 3.1 | CRITICAL |
|
3.9 | 5.9 | [email protected] |
| 10.0 | 2.0 | HIGH |
|
10.0 | 10.0 | [email protected] |
| ベンダー | 製品 | バージョン | 生の CPE |
|---|---|---|---|
| zohocorp | manageengine_adselfservice_plus | <= 5.7 | cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:*:*:*:*:*:*:*:* |
| zohocorp | manageengine_adselfservice_plus | 5.8 | cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:-:*:*:*:*:*:* |
| zohocorp | manageengine_adselfservice_plus | 5.8 | cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5800:*:*:*:*:*:* |
| zohocorp | manageengine_adselfservice_plus | 5.8 | cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5801:*:*:*:*:*:* |
| zohocorp | manageengine_adselfservice_plus | 5.8 | cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5802:*:*:*:*:*:* |
| zohocorp | manageengine_adselfservice_plus | 5.8 | cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5803:*:*:*:*:*:* |
| zohocorp | manageengine_adselfservice_plus | 5.8 | cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5804:*:*:*:*:*:* |
| zohocorp | manageengine_adselfservice_plus | 5.8 | cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5805:*:*:*:*:*:* |
| zohocorp | manageengine_adselfservice_plus | 5.8 | cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5806:*:*:*:*:*:* |
| zohocorp | manageengine_adselfservice_plus | 5.8 | cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5807:*:*:*:*:*:* |
| zohocorp | manageengine_adselfservice_plus | 5.8 | cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5808:*:*:*:*:*:* |
| zohocorp | manageengine_adselfservice_plus | 5.8 | cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5809:*:*:*:*:*:* |
| zohocorp | manageengine_adselfservice_plus | 5.8 | cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5810:*:*:*:*:*:* |
| zohocorp | manageengine_adselfservice_plus | 5.8 | cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5811:*:*:*:*:*:* |
| zohocorp | manageengine_adselfservice_plus | 5.8 | cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5812:*:*:*:*:*:* |
| zohocorp | manageengine_adselfservice_plus | 5.8 | cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5813:*:*:*:*:*:* |
| zohocorp | manageengine_adselfservice_plus | 5.8 | cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5814:*:*:*:*:*:* |
| zohocorp | manageengine_adselfservice_plus | 5.8 | cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5815:*:*:*:*:*:* |
| zohocorp | manageengine_adselfservice_plus | 5.8 | cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.8:5816:*:*:*:*:*:* |
| zohocorp | manageengine_exchange_reporter_plus | <= 5.4 | cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:*:*:*:*:*:*:*:* |
| zohocorp | manageengine_exchange_reporter_plus | 5.5 | cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.5:5500:*:*:*:*:*:* |
| zohocorp | manageengine_exchange_reporter_plus | 5.5 | cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.5:5501:*:*:*:*:*:* |
| zohocorp | manageengine_exchange_reporter_plus | 5.5 | cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.5:5502:*:*:*:*:*:* |
| zohocorp | manageengine_exchange_reporter_plus | 5.5 | cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.5:5503:*:*:*:*:*:* |
| zohocorp | manageengine_exchange_reporter_plus | 5.5 | cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.5:5504:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | <= 4.1 | cpe:2.3:a:zohocorp:manageengine_ad360:*:*:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4200:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4201:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4202:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4203:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4204:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4205:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4206:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4207:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4208:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4209:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4210:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4212:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4213:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4214:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4215:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4216:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4217:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4219:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4220:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4222:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4223:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4224:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4225:*:*:*:*:*:* |
| zohocorp | manageengine_ad360 | 4.2 | cpe:2.3:a:zohocorp:manageengine_ad360:4.2:4227:*:*:*:*:*:* |
| zohocorp | manageengine_datasecurity_plus | <= 5.0 | cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:*:*:*:*:*:*:*:* |
| zohocorp | manageengine_datasecurity_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6000:*:*:*:*:*:* |
| zohocorp | manageengine_datasecurity_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6001:*:*:*:*:*:* |
| zohocorp | manageengine_datasecurity_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6002:*:*:*:*:*:* |
| zohocorp | manageengine_datasecurity_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6003:*:*:*:*:*:* |
| zohocorp | manageengine_datasecurity_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6010:*:*:*:*:*:* |
| zohocorp | manageengine_datasecurity_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6011:*:*:*:*:*:* |
| zohocorp | manageengine_datasecurity_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6012:*:*:*:*:*:* |
| zohocorp | manageengine_datasecurity_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6013:*:*:*:*:*:* |
| zohocorp | manageengine_datasecurity_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6020:*:*:*:*:*:* |
| zohocorp | manageengine_datasecurity_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6021:*:*:*:*:*:* |
| zohocorp | manageengine_datasecurity_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6030:*:*:*:*:*:* |
| zohocorp | manageengine_datasecurity_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6031:*:*:*:*:*:* |
| zohocorp | manageengine_datasecurity_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:6.0:6032:*:*:*:*:*:* |
| zohocorp | manageengine_recovermanager_plus | <= 5.4 | cpe:2.3:a:zohocorp:manageengine_recovermanager_plus:*:*:*:*:*:*:*:* |
| zohocorp | manageengine_recovermanager_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_recovermanager_plus:6.0:6001:*:*:*:*:*:* |
| zohocorp | manageengine_recovermanager_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_recovermanager_plus:6.0:6003:*:*:*:*:*:* |
| zohocorp | manageengine_recovermanager_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_recovermanager_plus:6.0:6005:*:*:*:*:*:* |
| zohocorp | manageengine_recovermanager_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_recovermanager_plus:6.0:6011:*:*:*:*:*:* |
| zohocorp | manageengine_recovermanager_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_recovermanager_plus:6.0:6016:*:*:*:*:*:* |
| zohocorp | manageengine_eventlog_analyzer | <= 12.1.2 | cpe:2.3:a:zohocorp:manageengine_eventlog_analyzer:*:*:*:*:*:*:*:* |
| zohocorp | manageengine_eventlog_analyzer | 12.1.3 | cpe:2.3:a:zohocorp:manageengine_eventlog_analyzer:12.1.3:12130:*:*:*:*:*:* |
| zohocorp | manageengine_eventlog_analyzer | 12.1.3 | cpe:2.3:a:zohocorp:manageengine_eventlog_analyzer:12.1.3:12135:*:*:*:*:*:* |
| zohocorp | manageengine_adaudit_plus | <= 5.1 | cpe:2.3:a:zohocorp:manageengine_adaudit_plus:*:*:*:*:*:*:*:* |
| zohocorp | manageengine_adaudit_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0:6000:*:*:*:*:*:* |
| zohocorp | manageengine_adaudit_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0:6001:*:*:*:*:*:* |
| zohocorp | manageengine_adaudit_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0:6002:*:*:*:*:*:* |
| zohocorp | manageengine_adaudit_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0:6003:*:*:*:*:*:* |
| zohocorp | manageengine_adaudit_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0:6010:*:*:*:*:*:* |
| zohocorp | manageengine_adaudit_plus | 6.0 | cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0:6030:*:*:*:*:*:* |