ManageEngine.ServiceDesk.Plus.Security.Bypass
Description
This indicates an attack attempt against a Security Policy Bypass vulnerability in ManageEngine ServiceDesk Plus.
The vulnerability is due to improper validation when a user is trying to access a specific resource. A remote attacker can exploit this to gain access to sensitive information via crafted requests.
Affected Products
ManageEngine ServiceDesk Plus prior to 9.0 build 9031
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Apply the latest update from the vendor
http://www.manageengine.com/products/service-desk/readme-9.0.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2021-06-28 | 18.105 | Sig Added |