CVE-2019-19475

Published: Jan 10, 2020

Modified: Aug 5, 2024

PUBLISHED

Description

An issue was discovered in ManageEngine Applications Manager 14 with Build 14360. Integrated PostgreSQL which is built-in in Applications Manager is prone to attack due to lack of file permission security. The malicious users who are in “Authenticated Users” group can exploit privilege escalation and modify PostgreSQL configuration to execute arbitrary command to escalate and gain full system privilege user access and rights over the system.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2019-19475.html

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-19475

Description

Affected Products

References