ManageEngine.Desktop.Central.Administrator.Account.Creation
Description
This indicates an attack attempt against a Privilege Elevation vulnerability in ManageEngine Desktop Central.
The vulnerability is caused by an error when creating an administrator account without authentication through a HTTP request. It allows a remote attacker to gain control of the system via a crafted HTTP request.
Affected Products
ManageEngine Desktop Central version before version 9.0 build 90109
Impact
Privilege Escalation: Remote attackers can elevate their privileges on vulnerable systems.
Recommended Actions
Currently we are unaware of any vendor supplied patch or updates available for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-06-07 | 14.628 | Severity:medium:critical |