ManageEngine.Desktop.Central.Administrator.Account.Creation

description-logoDescription

This indicates an attack attempt against a Privilege Elevation vulnerability in ManageEngine Desktop Central.
The vulnerability is caused by an error when creating an administrator account without authentication through a HTTP request. It allows a remote attacker to gain control of the system via a crafted HTTP request.

affected-products-logoAffected Products

ManageEngine Desktop Central version before version 9.0 build 90109

Impact logoImpact

Privilege Escalation: Remote attackers can elevate their privileges on vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch or updates available for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-06-07 14.628 Severity:medium:critical