CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-17112

An issue was discovered in Zoho ManageEngine DataSecurity Plus before 5.0.1 5012. An exposed service allows a basic user ("Operator" access level) to access the configuration file of the mail server (except for the password).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 72.0%

CVSS Severity

CVSS v3 Score 4.3

CVSS v2 Score 4.0

References

Products affected by CVE-2019-17112

Zohocorp » Manageengine Datasecurity Plus » Version: 4.0

cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:4.0
Zohocorp » Manageengine Datasecurity Plus » Version: 4.1

cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:4.1
Zohocorp » Manageengine Datasecurity Plus » Version: 4.2

cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:4.2
Zohocorp » Manageengine Datasecurity Plus » Version: 4.3

cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:4.3
Zohocorp » Manageengine Datasecurity Plus » Version: 5.0

cpe:2.3:a:zohocorp:manageengine_datasecurity_plus:5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-17112

Products

Pricing

Contact Us