CVE-2019-19800
First published: Thu Feb 06 2020(Updated: )
Zoho ManageEngine Applications Manager 14 before 14520 allows a remote unauthenticated attacker to disclose OS file names via FailOverHelperServlet.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ManageEngine Applications Manager | =14.0 | |
| ManageEngine Applications Manager | =14.0-build14000 | |
| ManageEngine Applications Manager | =14.0-build14010 | |
| ManageEngine Applications Manager | =14.0-build14020 | |
| ManageEngine Applications Manager | =14.0-build14030 | |
| ManageEngine Applications Manager | =14.0-build14040 | |
| ManageEngine Applications Manager | =14.0-build14050 | |
| ManageEngine Applications Manager | =14.0-build14060 | |
| ManageEngine Applications Manager | =14.0-build14070 | |
| ManageEngine Applications Manager | =14.0-build14071 | |
| ManageEngine Applications Manager | =14.0-build14072 | |
| ManageEngine Applications Manager | =14.0-build14073 | |
| ManageEngine Applications Manager | =14.0-build14080 | |
| ManageEngine Applications Manager | =14.0-build14090 | |
| ManageEngine Applications Manager | =14.0-build14100 | |
| ManageEngine Applications Manager | =14.0-build14110 | |
| ManageEngine Applications Manager | =14.0-build14120 | |
| ManageEngine Applications Manager | =14.0-build14130 | |
| ManageEngine Applications Manager | =14.0-build14140 | |
| ManageEngine Applications Manager | =14.0-build14150 | |
| ManageEngine Applications Manager | =14.0-build14160 | |
| ManageEngine Applications Manager | =14.0-build14170 | |
| ManageEngine Applications Manager | =14.0-build14180 | |
| ManageEngine Applications Manager | =14.0-build14190 | |
| ManageEngine Applications Manager | =14.0-build14200 | |
| ManageEngine Applications Manager | =14.0-build14210 | |
| ManageEngine Applications Manager | =14.0-build14220 | |
| ManageEngine Applications Manager | =14.0-build14230 | |
| ManageEngine Applications Manager | =14.0-build14240 | |
| ManageEngine Applications Manager | =14.0-build14250 | |
| ManageEngine Applications Manager | =14.0-build14260 | |
| ManageEngine Applications Manager | =14.0-build14261 | |
| ManageEngine Applications Manager | =14.0-build14262 | |
| ManageEngine Applications Manager | =14.0-build14270 | |
| ManageEngine Applications Manager | =14.0-build14280 | |
| ManageEngine Applications Manager | =14.0-build14290 | |
| ManageEngine Applications Manager | =14.0-build14300 | |
| ManageEngine Applications Manager | =14.0-build14310 | |
| ManageEngine Applications Manager | =14.0-build14330 | |
| ManageEngine Applications Manager | =14.0-build14331 | |
| ManageEngine Applications Manager | =14.0-build14332 | |
| ManageEngine Applications Manager | =14.0-build14340 | |
| ManageEngine Applications Manager | =14.0-build14350 | |
| ManageEngine Applications Manager | =14.0-build14360 | |
| ManageEngine Applications Manager | =14.0-build14361 | |
| ManageEngine Applications Manager | =14.0-build14370 | |
| ManageEngine Applications Manager | =14.0-build14380 | |
| ManageEngine Applications Manager | =14.0-build14390 | |
| ManageEngine Applications Manager | =14.0-build14400 | |
| ManageEngine Applications Manager | =14.0-build14401 | |
| ManageEngine Applications Manager | =14.0-build14410 | |
| ManageEngine Applications Manager | =14.0-build14420 | |
| ManageEngine Applications Manager | =14.0-build14430 | |
| ManageEngine Applications Manager | =14.0-build14440 | |
| ManageEngine Applications Manager | =14.0-build14450 | |
| ManageEngine Applications Manager | =14.0-build14460 | |
| ManageEngine Applications Manager | =14.0-build14470 | |
| ManageEngine Applications Manager | =14.0-build14480 | |
| ManageEngine Applications Manager | =14.0-build14490 | |
| ManageEngine Applications Manager | =14.0-build14500 | |
| ManageEngine Applications Manager | =14.0-build14510 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-19800?
CVE-2019-19800 has a medium severity rating due to its potential for unauthorized OS file name disclosure by remote attackers.
How do I fix CVE-2019-19800?
To fix CVE-2019-19800, upgrade to Zoho ManageEngine Applications Manager version 14.0 build 14520 or later.
Which versions are affected by CVE-2019-19800?
CVE-2019-19800 affects all versions of Zoho ManageEngine Applications Manager 14 before build 14520.
Can CVE-2019-19800 be exploited remotely?
Yes, CVE-2019-19800 can be exploited by remote unauthenticated attackers.
What type of vulnerability is CVE-2019-19800?
CVE-2019-19800 is classified as an information disclosure vulnerability.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/severity
- agent/first-publish-date
- agent/event
- agent/description
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/zohocorp
- canonical/manageengine applications manager
- version/manageengine applications manager/14.0
- version/manageengine applications manager/14.0-build14000
- version/manageengine applications manager/14.0-build14010
- version/manageengine applications manager/14.0-build14020
- version/manageengine applications manager/14.0-build14030
- version/manageengine applications manager/14.0-build14040
- version/manageengine applications manager/14.0-build14050
- version/manageengine applications manager/14.0-build14060
- version/manageengine applications manager/14.0-build14070
- version/manageengine applications manager/14.0-build14071
- version/manageengine applications manager/14.0-build14072
- version/manageengine applications manager/14.0-build14073
- version/manageengine applications manager/14.0-build14080
- version/manageengine applications manager/14.0-build14090
- version/manageengine applications manager/14.0-build14100
- version/manageengine applications manager/14.0-build14110
- version/manageengine applications manager/14.0-build14120
- version/manageengine applications manager/14.0-build14130
- version/manageengine applications manager/14.0-build14140
- version/manageengine applications manager/14.0-build14150
- version/manageengine applications manager/14.0-build14160
- version/manageengine applications manager/14.0-build14170
- version/manageengine applications manager/14.0-build14180
- version/manageengine applications manager/14.0-build14190
- version/manageengine applications manager/14.0-build14200
- version/manageengine applications manager/14.0-build14210
- version/manageengine applications manager/14.0-build14220
- version/manageengine applications manager/14.0-build14230
- version/manageengine applications manager/14.0-build14240
- version/manageengine applications manager/14.0-build14250
- version/manageengine applications manager/14.0-build14260
- version/manageengine applications manager/14.0-build14261
- version/manageengine applications manager/14.0-build14262
- version/manageengine applications manager/14.0-build14270
- version/manageengine applications manager/14.0-build14280
- version/manageengine applications manager/14.0-build14290
- version/manageengine applications manager/14.0-build14300
- version/manageengine applications manager/14.0-build14310
- version/manageengine applications manager/14.0-build14330
- version/manageengine applications manager/14.0-build14331
- version/manageengine applications manager/14.0-build14332
- version/manageengine applications manager/14.0-build14340
- version/manageengine applications manager/14.0-build14350
- version/manageengine applications manager/14.0-build14360
- version/manageengine applications manager/14.0-build14361
- version/manageengine applications manager/14.0-build14370
- version/manageengine applications manager/14.0-build14380
- version/manageengine applications manager/14.0-build14390
- version/manageengine applications manager/14.0-build14400
- version/manageengine applications manager/14.0-build14401
- version/manageengine applications manager/14.0-build14410
- version/manageengine applications manager/14.0-build14420
- version/manageengine applications manager/14.0-build14430
- version/manageengine applications manager/14.0-build14440
- version/manageengine applications manager/14.0-build14450
- version/manageengine applications manager/14.0-build14460
- version/manageengine applications manager/14.0-build14470
- version/manageengine applications manager/14.0-build14480
- version/manageengine applications manager/14.0-build14490
- version/manageengine applications manager/14.0-build14500
- version/manageengine applications manager/14.0-build14510