CVE-2019-8925 is a vulnerability in Zoho Corp Manageengine Netflow Analyzer
Published on May 17, 2019

An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. An Absolute Path Traversal vulnerability in the Administration zone, in /netflow/servlet/CReportPDFServlet (via the parameter schFilePath), allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via any file name, such as a schFilePath=C:\boot.ini value.

NVD

Products Associated with CVE-2019-8925

Want to know whenever a new CVE is published for Zoho Corp Manageengine Netflow Analyzer? stack.watch will email you.

Zoho Corp Manageengine Netflow Analyzer

Exploit Probability

EPSS

9.18%

Percentile

92.58%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-8925 is a vulnerability in Zoho Corp Manageengine Netflow AnalyzerPublished on May 17, 2019

Products Associated with CVE-2019-8925

Exploit Probability

CVE-2019-8925 is a vulnerability in Zoho Corp Manageengine Netflow Analyzer
Published on May 17, 2019