An issue exists in Zoho ManageEngine DataSecurity Plus prior to 5.0.1 5012. An exposed service allows a basic user ("Operator" access level) to access the configuration file of the mail server (except for the password).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zohocorp manageengine datasecurity plus 4.0 |
||
zohocorp manageengine datasecurity plus 4.1 |
||
zohocorp manageengine datasecurity plus 4.2 |
||
zohocorp manageengine datasecurity plus 4.3 |
||
zohocorp manageengine datasecurity plus 5.0 |