Vulnerabilities

CVE-2019-10273

by Fred · 04/04/2019

Information leakage vulnerability in the /mc login page in ManageEngine ServiceDesk Plus 9.3 software allows authenticated users to enumerate active users. Due to a flaw within the way the authentication is handled, an attacker is able to login and verify any active account.

Date published : 2019-04-04

https://www.exploit-db.com/exploits/46674/

http://packetstormsecurity.com/files/152439/ManageEngine-ServiceDesk-Plus-9.3-User-Enumeration.html

Similar

Tags: Cybersecurity Alert