2 matches found
CVE-2019-20474
An issue was discovered in Zoho ManageEngine Remote Access Plus 10.0.447. The service to test the mail-server configuration suffers from an authorization issue allowing a user with the Guest role read-only access to use and abuse it. One of the abuses allows performing network and port scan...
CVE-2019-20474
Zoho ManageEngine Remote Access Plus 10.0.447 contains an authorization issue in the mail-server configuration test feature that can be abused by a user with the Guest (read-only) role. The issue enables SSRF-like behavior, allowing network and port scanning of the localhost or other hosts on the...