#VU25643 Improper access control in Zoho ManageEngine EventLog Analyzer - CVE-2019-19774
Published: February 27, 2020 / Updated: June 17, 2021
Zoho ManageEngine EventLog Analyzer
Zoho Corporation
Description
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions. A remote attacker can bypass implemented security restrictions by running "select hostdetails from hostdetails" at the /event/runquery.do endpoint and recover the MD5 hashes of the accounts used to authenticate the ManageEngine platform to the managed machines on the network (most often administrative accounts).
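To check whether this endpoint was reached on an exposed instance, the following added example (not part of the original advisory or of any vendor code) scans web access logs for requests to /event/runquery.do and raises the severity when the hostdetails table name is visible in the URL. The combined-style log layout, the sample lines and the `q` parameter name are assumptions made for illustration.

```python
import re
from urllib.parse import unquote_plus

ENDPOINT = "/event/runquery.do"  # path named in the advisory
TABLE = "hostdetails"            # table named in the advisory

# Assumption: combined-style access log lines (as written by Apache or Tomcat).
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')

def fully_decode(value, max_rounds=3):
    """URL-decode repeatedly so double-encoded input is compared in clear."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(line):
    """Return a finding for a request to the query endpoint, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    raw_path, _, raw_query = m["target"].partition("?")
    # Drop path parameters (";jsessionid=...") and fold case before comparing.
    path = fully_decode(raw_path).split(";", 1)[0].lower()
    if re.sub(r"/+", "/", path).rstrip("/") != ENDPOINT:
        return None
    # "high": table name visible in the URL; "review": endpoint hit only
    # (request bodies are not recorded in access logs).
    severity = "high" if TABLE in fully_decode(raw_query).lower() else "review"
    return {"ip": m["ip"], "ts": m["ts"], "method": m["method"],
            "status": int(m["status"]), "severity": severity}

def scan(lines):
    """Classify every line and keep only the findings."""
    return [f for f in map(classify, lines) if f]

# Constructed sample lines; the parameter name "q" is a placeholder.
SAMPLE_LOG = [
    '10.0.0.5 - - [27/Feb/2020:10:00:01 +0000] "GET /event/index.do HTTP/1.1" 200 5120',
    '10.0.0.9 - - [27/Feb/2020:10:02:11 +0000] "GET /event/runquery.do?q=select+hostdetails+from+hostdetails HTTP/1.1" 200 812',
    '10.0.0.9 - - [27/Feb/2020:10:02:40 +0000] "POST /Event/RunQuery.do;jsessionid=ABC HTTP/1.1" 200 640',
    '10.0.0.7 - - [27/Feb/2020:10:05:03 +0000] "GET /event/runquery.do?q=select%2520HOSTDETAILS%2520from%2520HostDetails HTTP/1.1" 403 0',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A "review" finding only shows that the endpoint was requested; correlate it with the application's own query or audit logging before drawing conclusions, and treat any "high" finding with a 200 status as grounds to rotate the managed-host credentials.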