Vulnerabilities

CVE-2018-11716

by Fred · 16/07/2018

An issue was discovered in Zoho ManageEngine Desktop Central before 100230. There is unauthenticated remote access to all log files of a Desktop Central instance containing critical information (private information such as location of enrolled devices, cleartext passwords, patching level, etc.) via a GET request on port 8022, 8443, or 8444.

Date published : 2018-07-16

https://www.manageengine.com/products/desktop-central/vulnerability-in-log-files.html

https://blog.netxp.fr/manageengine-deep-exploitation/

Similar

Tags: Cybersecurity Alert