Vulnerabilities

CVE-2014-0344

by Fred · 29/03/2014

Properties.do in ZOHO ManageEngine OpStor before build 8500 does not properly check privilege levels, which allows remote authenticated users to obtain Admin access by using the name parameter in conjunction with a true value of the edit parameter.

Date published : 2014-03-29

http://www.securityfocus.com/bid/66499

http://www.kb.cert.org/vuls/id/140886

Related

Tags: Cybersecurity Alert