CVE-2025-6239

MEDIUM

Zohocorp ManageEngine Applications Manager <176800 - Info Disclosure

Title source: llm

Description

Zohocorp ManageEngine Applications Manager versions 176800 and below are vulnerable to information disclosure in File/Directory monitor.

References (1)

[Vendor Advisory] https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2025-6239.html

Scores

CVSS v3 6.5

EPSS 0.0002

EPSS Percentile 5.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-200

Status published

Affected Products (9)

zohocorp/manageengine_applications_manager < 17.6

zohocorp/manageengine_applications_manager

zohocorp/manageengine_applications_manager

zohocorp/manageengine_applications_manager

zohocorp/manageengine_applications_manager

zohocorp/manageengine_applications_manager

zohocorp/manageengine_applications_manager

zohocorp/manageengine_applications_manager

zohocorp/manageengine_applications_manager

Timeline

Published Oct 21, 2025

Tracked Since Feb 18, 2026