Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2019-17112

An issue was discovered in Zoho ManageEngine DataSecurity Plus before 5.0.1 5012. An exposed service allows a basic user ("Operator" access level) to access the configuration file of the mail server (except for the password).

  • Published: Oct 9, 2019
  • Updated: Apr 13, 2023
  • CVE: CVE-2019-17112
  • Severity: Low
  • Exploit:

CVSS v3:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS v2:

  • Severity: Low
  • Score: 4
  • AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

Software From Fixed in
zohocorp / manageengine_datasecurity_plus 4.0-4000 4.0-4000.x
zohocorp / manageengine_datasecurity_plus 4.0-4002 4.0-4002.x
zohocorp / manageengine_datasecurity_plus 4.0-4010 4.0-4010.x
zohocorp / manageengine_datasecurity_plus 4.0-4015 4.0-4015.x
zohocorp / manageengine_datasecurity_plus 4.0-4016 4.0-4016.x
zohocorp / manageengine_datasecurity_plus 4.1-4100 4.1-4100.x
zohocorp / manageengine_datasecurity_plus 4.1-4101 4.1-4101.x
zohocorp / manageengine_datasecurity_plus 4.1-4110 4.1-4110.x
zohocorp / manageengine_datasecurity_plus 4.1-4111 4.1-4111.x
zohocorp / manageengine_datasecurity_plus 4.1-4120 4.1-4120.x
zohocorp / manageengine_datasecurity_plus 4.2-4200 4.2-4200.x
zohocorp / manageengine_datasecurity_plus 4.2-4201 4.2-4201.x
zohocorp / manageengine_datasecurity_plus 4.2-4210 4.2-4210.x
zohocorp / manageengine_datasecurity_plus 4.2-4211 4.2-4211.x
zohocorp / manageengine_datasecurity_plus 4.3-4300 4.3-4300.x
zohocorp / manageengine_datasecurity_plus 4.3-4301 4.3-4301.x
zohocorp / manageengine_datasecurity_plus 4.3-4302 4.3-4302.x
zohocorp / manageengine_datasecurity_plus 5.0-5000 5.0-5000.x
zohocorp / manageengine_datasecurity_plus 5.0-5001 5.0-5001.x
zohocorp / manageengine_datasecurity_plus 5.0-5002 5.0-5002.x
zohocorp / manageengine_datasecurity_plus 5.0-5003 5.0-5003.x
zohocorp / manageengine_datasecurity_plus 5.0-5004 5.0-5004.x
zohocorp / manageengine_datasecurity_plus 5.0-5010 5.0-5010.x
zohocorp / manageengine_datasecurity_plus 5.0-5011 5.0-5011.x