CVE-2016-1159

2020-03-0916:29:51

jpcert

www.cve.org

AI Score

6.5

Confidence

High

EPSS

0.002

Percentile

55.3%

JSON

In ZOHO Password Manager Pro (PMP) 8.3.0 (Build 8303) and 8.4.0 (Build 8400,8401,8402), underprivileged users can obtain sensitive information (entry password history) via a vulnerable hidden service.

CNA Affected

[
  {
    "product": "Password Manager Pro (PMP)",
    "vendor": "ZOHO",
    "versions": [
      {
        "status": "affected",
        "version": "8.3.0 (Build 8303"
      },
      {
        "status": "affected",
        "version": "8.4.0 (Build 8400"
      },
      {
        "status": "affected",
        "version": "8401"
      },
      {
        "status": "affected",
        "version": "8402)."
      }
    ]
  }
]