ManageEngine.EventLog.Hostdetails.Information.Disclosure
Description
This indicates an attack attempt against an Information Disclosure vulnerability in ManageEngine Eventlog Analyzer.
The vulnerability is due to insufficient validation of user supplied data when handling crafted HTTP Requests. A remote attacker can exploit this to disclose sensitive information from affected machines using malicious packets.
Affected Products
ManageEngine EventLog Analyzer 9.9 build 9002 and prior
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems
Recommended Actions
Currently we are unaware of any vendor supplied patch for this issue
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |