CVE-2019-7162

An issue was discovered in Zoho ManageEngine ADSelfService Plus 5.6 Build 5607. An exposed service allows an unauthenticated person to retrieve internal information from the system and modify the product installation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 91%
VendorProductVersion
zohocorpmanageengine_adselfservice_plus
5.6:5607
𝑥
= Vulnerable software versions
References
https://cds.thalesgroup.com/en/tcs-cert/CVE-2019-7162
https://www.excellium-services.com/cert-xlm-advisory
https://www.excellium-services.com/cert-xlm-advisory/cve-2019-7162/
https://www.excellium-services.com/cert-xlm-advisory/cve-2019-7162/