fkie_cve-2019-19800
Vulnerability from fkie_nvd
Published
2020-02-06 17:15
Modified
2024-11-21 04:35
Severity ?
Summary
Zoho ManageEngine Applications Manager 14 before 14520 allows a remote unauthenticated attacker to disclose OS file names via FailOverHelperServlet.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:-:*:*:*:*:*:*",
"matchCriteriaId": "59E9390D-5DEB-4D0B-B304-84023A1AE9AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14000:*:*:*:*:*:*",
"matchCriteriaId": "03FAC408-84B1-4B51-A6D9-C1DF77FBAA3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14010:*:*:*:*:*:*",
"matchCriteriaId": "E00321E8-A1DF-49BF-A4E4-237527E7C75E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14020:*:*:*:*:*:*",
"matchCriteriaId": "58DA013E-26A7-4968-B89B-4B694D683E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14030:*:*:*:*:*:*",
"matchCriteriaId": "8552CA6A-B6B5-42D2-97D0-CA9FA5B9DE03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14040:*:*:*:*:*:*",
"matchCriteriaId": "87DEE454-FE44-4312-B9FC-53D671ACA37E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14050:*:*:*:*:*:*",
"matchCriteriaId": "1715F2C6-AC0F-4F46-A6C4-3531242274ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14060:*:*:*:*:*:*",
"matchCriteriaId": "583248EC-C732-4902-B14C-5031888BD17E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14070:*:*:*:*:*:*",
"matchCriteriaId": "355366B0-4D45-4920-A897-A9A4451C072D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14071:*:*:*:*:*:*",
"matchCriteriaId": "EDB9AADD-A93D-46CC-B5E9-BB841FFC2A61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14072:*:*:*:*:*:*",
"matchCriteriaId": "CDC226FE-DBBA-4FB2-A703-82EE12092FBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14073:*:*:*:*:*:*",
"matchCriteriaId": "0FC560BE-C297-4348-8739-D014CDEF60CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14080:*:*:*:*:*:*",
"matchCriteriaId": "2B385291-37F7-4B1E-98B9-06E42B07ACA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14090:*:*:*:*:*:*",
"matchCriteriaId": "8D647A88-0F0A-4971-9AD1-494AB6D1DFF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14100:*:*:*:*:*:*",
"matchCriteriaId": "7D25C680-75B3-4285-9DE1-61755DC6CA2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14110:*:*:*:*:*:*",
"matchCriteriaId": "50453E27-2E38-4101-9CF4-48DB99C69842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14120:*:*:*:*:*:*",
"matchCriteriaId": "9D369493-65F3-4655-8049-0CFCEDADE050",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14130:*:*:*:*:*:*",
"matchCriteriaId": "F1F20F68-25EA-46A2-9B5E-6422A6CBF921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14140:*:*:*:*:*:*",
"matchCriteriaId": "41A93890-6484-48A0-863F-EDDAE3E73940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14150:*:*:*:*:*:*",
"matchCriteriaId": "905119AD-C900-4A95-827B-C9BD2A3A38F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14160:*:*:*:*:*:*",
"matchCriteriaId": "EA55C91C-74B2-4A92-99C3-C30EC29B9CD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14170:*:*:*:*:*:*",
"matchCriteriaId": "B1FE4E15-0A4C-4E5A-BE7D-ECB83965164E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14180:*:*:*:*:*:*",
"matchCriteriaId": "E1322B34-8A8B-4796-8574-8A09AF93889F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14190:*:*:*:*:*:*",
"matchCriteriaId": "3C8724F9-C33B-4BD7-8BED-919D211BF35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14200:*:*:*:*:*:*",
"matchCriteriaId": "EA9199F6-6649-44D4-9A26-C9020A85963D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14210:*:*:*:*:*:*",
"matchCriteriaId": "92E0BD76-9B86-4268-BC23-65B826AD489A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14220:*:*:*:*:*:*",
"matchCriteriaId": "67C94A6A-8D0E-4EFB-93B5-5DC2A28B25DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14230:*:*:*:*:*:*",
"matchCriteriaId": "C6A3DCE6-328B-453C-97B2-8FA70F113CBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14240:*:*:*:*:*:*",
"matchCriteriaId": "29B3D159-1C80-43E6-B630-F373C8F41A19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14250:*:*:*:*:*:*",
"matchCriteriaId": "D8EDAA3F-EE45-4888-BA4A-E36F8FD879BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14260:*:*:*:*:*:*",
"matchCriteriaId": "D603BCB2-7A39-4CD3-AE1E-9244DD9D5A48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14261:*:*:*:*:*:*",
"matchCriteriaId": "EC3AD941-D31B-4760-B9D2-7930E121D2AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14262:*:*:*:*:*:*",
"matchCriteriaId": "A70646ED-342F-47BD-85D7-D43B79BD50EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14270:*:*:*:*:*:*",
"matchCriteriaId": "423396CC-1B12-4449-B000-C3C554E9800D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14280:*:*:*:*:*:*",
"matchCriteriaId": "5909613D-013F-4C3B-8204-6BB7A9968A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14290:*:*:*:*:*:*",
"matchCriteriaId": "3423D181-FCA3-4818-8459-4073E73FDEE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14300:*:*:*:*:*:*",
"matchCriteriaId": "4FBED0C7-7B28-4AE7-B4B0-EB71F2CB860F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14310:*:*:*:*:*:*",
"matchCriteriaId": "195ABF09-6D57-4DCF-B8A6-72AC24A8B29F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14330:*:*:*:*:*:*",
"matchCriteriaId": "AC95E820-FBF3-4CB9-A54C-24198D21197E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14331:*:*:*:*:*:*",
"matchCriteriaId": "F182989C-7BF6-4DAD-8011-813FDF182251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14332:*:*:*:*:*:*",
"matchCriteriaId": "66CD9609-884A-4B9D-A6D2-D23132FE8CB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14340:*:*:*:*:*:*",
"matchCriteriaId": "CD7CD16C-B70A-47E1-8DF7-FCCE1316644F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14350:*:*:*:*:*:*",
"matchCriteriaId": "A7581669-97A3-4611-9779-58EF74B50A9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14360:*:*:*:*:*:*",
"matchCriteriaId": "849D811F-9DB7-4E23-8539-0F1CB0981918",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14361:*:*:*:*:*:*",
"matchCriteriaId": "2C439233-2403-40A7-9D87-63C8FD2AE60C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14370:*:*:*:*:*:*",
"matchCriteriaId": "9853B707-4B58-4787-9779-76523365C774",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14380:*:*:*:*:*:*",
"matchCriteriaId": "516685FD-8707-4588-9C1C-CD5EF65B0F23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14390:*:*:*:*:*:*",
"matchCriteriaId": "AC9198C7-A062-4F33-8B17-2521193FEBCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14400:*:*:*:*:*:*",
"matchCriteriaId": "728DDA8D-A0E2-4086-B4B9-E5BD698D1BCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14401:*:*:*:*:*:*",
"matchCriteriaId": "91DA2DFA-1739-4DA7-8814-A99BA30497A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14410:*:*:*:*:*:*",
"matchCriteriaId": "0EA1F760-7F12-40CE-A0C9-AE03B2D17949",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14420:*:*:*:*:*:*",
"matchCriteriaId": "CCDCB80D-385C-4CFD-B833-96C525BEF2A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14430:*:*:*:*:*:*",
"matchCriteriaId": "B7CD6E6C-1C54-4807-9646-376D53D0FE1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14440:*:*:*:*:*:*",
"matchCriteriaId": "A9B45558-77F8-41A8-84EA-B9D902A044DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14450:*:*:*:*:*:*",
"matchCriteriaId": "AC2A1D9B-C55A-401F-B6F4-AEFB36D7732E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14460:*:*:*:*:*:*",
"matchCriteriaId": "BAAA8B67-C6BF-4517-8867-A4FF16C9F223",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14470:*:*:*:*:*:*",
"matchCriteriaId": "D3A28637-0557-4720-A71B-371AA9CEE002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14480:*:*:*:*:*:*",
"matchCriteriaId": "5AEA57E7-7CD2-4A1E-9CFD-B89FACFFED78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14490:*:*:*:*:*:*",
"matchCriteriaId": "A53FF500-6C40-41F5-8B95-43F71D74DF35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14500:*:*:*:*:*:*",
"matchCriteriaId": "9B7C7BED-ACF8-4001-93F8-4DCFB452370E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0:build14510:*:*:*:*:*:*",
"matchCriteriaId": "DB52F791-A91E-41C6-811E-E74A19887491",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Zoho ManageEngine Applications Manager 14 before 14520 allows a remote unauthenticated attacker to disclose OS file names via FailOverHelperServlet."
},
{
"lang": "es",
"value": "Zoho ManageEngine Applications Manager 14 versiones anteriores a 14520, permite a un atacante remoto no autenticado revelar nombres de archivos del Sistema Operativo por medio de FailOverHelperServlet."
}
],
"id": "CVE-2019-19800",
"lastModified": "2024-11-21T04:35:24.873",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-06T17:15:13.770",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://gitlab.com/eLeN3Re/CVE-2019-19800/"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.manageengine.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://www.manageengine.com/products/applications_manager/release-notes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://gitlab.com/eLeN3Re/CVE-2019-19800/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.manageengine.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.manageengine.com/products/applications_manager/release-notes.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.