logo
Vulnerability feed
Contributors
About
Blog
CONTRIBUTE

Vulnerability

warn

CVE-2019-19034

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2019-19034

Description:
Zoho ManageEngine Asset Explorer 6.5 does not validate the System Center Configuration Manager (SCCM) database username when dynamically generating a command to schedule scans for SCCM. This allows an attacker to execute arbitrary commands on the AssetExplorer Server with NT AUTHORITY/SYSTEM privileges.
Last updated date:
02/03/2023
Type:
exploit
Confidence:
HIGH
Date of publishing:
02/03/2023
Reference url to background

http://packetstormsecurity.com/files/157731/ManageEngine-AssetExplorer-Authenticated-Command-Execution.html

Type:
exploit
Confidence:
HIGH
Date of publishing:
02/03/2023
Reference url to background

http://seclists.org/fulldisclosure/2020/May/36

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy