ManageEngine.Desktop.Central.Administrative.Password.Reset
Description
This indicates an attack attempt against a Security Policy Bypass vulnerability in ManageEngine Desktop Central.
The vulnerability is due to improper validation when a user is trying to access a specific resource. A remote attacker can exploit this to gain access to sensitive information via crafted requests.
Affected Products
ManageEngine Desktop Central Prior to build 90135
Impact
Security Bypass: Remote attackers can bypass security checks of vulnerable systems.
Recommended Actions
Apply the latest update from the vendor
https://www.manageengine.com/products/desktop-central/unauthorized-admin-credential-modification.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-06-07 | 14.628 | Severity:high:critical |