CVE-2025-6239
BaseFortify
Publication date: 2025-10-21
Last updated on: 2025-10-24
Assigner: ManageEngine
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| zohocorp | manageengine_applications_manager | to 17.6 (exc) |
| zohocorp | manageengine_applications_manager | 17.6 |
| zohocorp | manageengine_applications_manager | 17.6 |
| zohocorp | manageengine_applications_manager | 17.6 |
| zohocorp | manageengine_applications_manager | 17.6 |
| zohocorp | manageengine_applications_manager | 17.6 |
| zohocorp | manageengine_applications_manager | 17.6 |
| zohocorp | manageengine_applications_manager | 17.6 |
| zohocorp | manageengine_applications_manager | 17.6 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
| CWE-NVD-CWE-noinfo |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects Zohocorp ManageEngine Applications Manager versions 176800 and below, where the File/Directory monitor component is susceptible to information disclosure. This means that unauthorized users with some level of privileges may be able to access sensitive information through this component.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized disclosure of sensitive information, which could compromise confidentiality. Although it does not affect integrity or availability, the exposure of sensitive data could have serious consequences depending on the nature of the information disclosed.