CVE-2019-19034 is a vulnerability in Zoho Corp Manageengine Assetexplorer
Published on March 23, 2020

Zoho ManageEngine Asset Explorer 6.5 does not validate the System Center Configuration Manager (SCCM) database username when dynamically generating a command to schedule scans for SCCM. This allows an attacker to execute arbitrary commands on the AssetExplorer Server with NT AUTHORITY/SYSTEM privileges.

NVD

Products Associated with CVE-2019-19034

Want to know whenever a new CVE is published for Zoho Corp Manageengine Assetexplorer? stack.watch will email you.

Zoho Corp Manageengine Assetexplorer

Exploit Probability

EPSS

20.91%

Percentile

95.52%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-19034 is a vulnerability in Zoho Corp Manageengine AssetexplorerPublished on March 23, 2020

Products Associated with CVE-2019-19034

Exploit Probability

CVE-2019-19034 is a vulnerability in Zoho Corp Manageengine Assetexplorer
Published on March 23, 2020