ManageEngine.DataSecurity.Plus.Authentication.Bypass
Description
This indicates an attack attempt to exploit an Authentication Bypass Vulnerability in Zoho Corporation ManageEngine DataSecurity Plus.
The vulnerability is due to the presence of hardcoded default credentials for the Dataengine Xnode server component. A remote, unauthenticated attacker could exploit this vulnerability by using default admin credentials. Successful exploitation of this vulnerability result in the bypassing of authentication and allows the attacker to perform arbitrary actions with administrative privileges.
Affected Products
Zoho Corporation ManageEngine DataSecurity Plus prior to Build 6013
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.manageengine.com/data-security/release-notes.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2023-08-03 | 25.614 | Name:ZOHO. ManageEngine. DataSecurity. Plus. Authentication. Bypass:ManageEngine. DataSecurity. Plus. Authentication. Bypass |
2020-09-30 | 16.934 | Name:Zoho. ManageEngine. DataSecurity. Plus. Authentication. Bypass:ZOHO. ManageEngine. DataSecurity. Plus. Authentication. Bypass |
2020-06-11 | 15.863 | Default_action:pass:drop |
2020-06-02 | 15.855 |