CVE-2019-10273

Information leakage vulnerability in the /mc login page in ManageEngine ServiceDesk Plus 9.3 software allows authenticated users to enumerate active users. Due to a flaw within the way the authentication is handled, an attacker is able to login and verify any active account.
Source: NIST
CVE-2019-10273

Leave a Reply

Your email address will not be published.