SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  ManageEngine ServiceDesk Plus Policy Bypass

Category: WEB-ATTACKS      

ZOHO ManageEngine ServiceDesk Plus (SDP) allows remote authenticated users to obtain sensitive ticket information via a (1) getTicketData action to servlet/AJaxServlet or a direct request to (2) swf/flashreport.swf, (3) reports/flash/details.jsp, or (4) reports/CreateReportTable.jsp.

References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1480

Relevant Information


© SonicWall 2020 | Privacy Policy | Conditions for use Version: 10.0