PT-2019-13953 · Zoho · Zoho Manageengine Servicedesk Plus

Publicado

2019-08-14

·

Atualizado

2022-04-18

·

CVE-2019-15046

CVSS v3.1

7.5

Alta

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Zoho ManageEngine ServiceDesk Plus version 10 before 10509
Description The issue allows unauthenticated sensitive information leakage during Fail Over Service (FOS) replication.
Recommendations For Zoho ManageEngine ServiceDesk Plus version 10 before 10509, update to version 10509 or later to resolve the issue.

Exploit

Correção

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287

Identificadores relacionados

CVE-2019-15046

Produtos afetados

Zoho Manageengine Servicedesk Plus