ManageEngine.ServiceDesk.FileDownload.Directory.Traversal
Description
This indicates an attack attempt to exploit a Directory Traversal vulnerability in ManageEngine ServiceDesk.
The vulnerability is caused by an improper validation of user supplied data when the vulnerable application handles a maliciously crafted request. An attacker can exploit this to execute arbitrary file download on the affected machine via a crafted request.
Affected Products
ManageEngine ServiceDesk Plus 9.1 build 9110 and prior
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems
Recommended Actions
Apply the latest update from the vendor.
https://www.manageengine.com/products/service-desk/readme-9.1.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |