Security Advisory

CVE-2019-10273

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-04-04 15:36:47

Last updated 2024-08-04 22:17:19

Assigner mitre

State PUBLISHED

Description

Information leakage vulnerability in the /mc login page in ManageEngine ServiceDesk Plus 9.3 software allows authenticated users to enumerate active users. Due to a flaw within the way the authentication is handled, an attacker is able to login and verify any active account.

← Browse all CVEs View on cve.org ↗