CVE-2019-19475 is a vulnerability in Zoho Corp Manageengine Applications Manager
Published on January 10, 2020
An issue was discovered in ManageEngine Applications Manager 14 with Build 14360. Integrated PostgreSQL which is built-in in Applications Manager is prone to attack due to lack of file permission security. The malicious users who are in Authenticated Users group can exploit privilege escalation and modify PostgreSQL configuration to execute arbitrary command to escalate and gain full system privilege user access and rights over the system.
Products Associated with CVE-2019-19475
Want to know whenever a new CVE is published for Zoho Corp Manageengine Applications Manager? stack.watch will email you.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.