CVE-2016-1159

2020-03-0916:29:51

jpcert

www.cve.org

6.5 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.1%

JSON

In ZOHO Password Manager Pro (PMP) 8.3.0 (Build 8303) and 8.4.0 (Build 8400,8401,8402), underprivileged users can obtain sensitive information (entry password history) via a vulnerable hidden service.

CNA Affected

[
  {
    "product": "Password Manager Pro (PMP)",
    "vendor": "ZOHO",
    "versions": [
      {
        "status": "affected",
        "version": "8.3.0 (Build 8303"
      },
      {
        "status": "affected",
        "version": "8.4.0 (Build 8400"
      },
      {
        "status": "affected",
        "version": "8401"
      },
      {
        "status": "affected",
        "version": "8402)."
      }
    ]
  }
]