Remote Unauthenticated Information Disclosure in Zoho ManageEngine Applications Manager

Remote Unauthenticated Information Disclosure in Zoho ManageEngine Applications Manager

CVE-2019-19799 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Zoho ManageEngine Applications Manager before 14600 allows a remote unauthenticated attacker to disclose license related information via WieldFeedServlet servlet.

Learn more about our Web Application Penetration Testing UK.