CVE-2018-11716

An issue was discovered in Zoho ManageEngine Desktop Central before 100230. There is unauthenticated remote access to all log files of a Desktop Central instance containing critical information (private information such as location of enrolled devices, cleartext passwords, patching level, etc.) via a GET request on port 8022, 8443, or 8444.
Configurations

Configuration 1

cpe:2.3:a:zohocorp:manageengine_desktop_central:*:*:*:*:*:*:*:*

Information

Published : 2018-07-16 02:29

Updated : 2018-09-17 04:53


NVD link : CVE-2018-11716

Mitre link : CVE-2018-11716

Products Affected
No products.
CWE
CWE-532

Insertion of Sensitive Information into Log File