exploitDog

CVE-2019-7162

Опубликовано: 31 дек. 2019

Источник: nvd

CVSS3: 9.1

CVSS2: 6.4

EPSS Низкий

Описание

An issue was discovered in Zoho ManageEngine ADSelfService Plus 5.6 Build 5607. An exposed service allows an unauthenticated person to retrieve internal information from the system and modify the product installation.

Ссылки

https://cds.thalesgroup.com/en/tcs-cert/CVE-2019-7162
https://www.excellium-services.com/cert-xlm-advisory
https://www.excellium-services.com/cert-xlm-advisory/cve-2019-7162/
Third Party Advisory
https://www.excellium-services.com/cert-xlm-advisory/cve-2019-7162/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.6:5607:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.07776

Низкий

9.1 Critical

CVSS3

6.4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-xjh5-4qmv-vw5r

CVSS3: 9.1

github

больше 3 лет назад

An issue was discovered in Zoho ManageEngine ADSelfService Plus 5.6 Build 5607. An exposed service allows an unauthenticated person to retrieve internal information from the system and modify the product installation.

EPSS

Процентиль: 92%

0.07776

Низкий

9.1 Critical

CVSS3

6.4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo