SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  ManageEngine DataSecurity Plus Authentication Bypass

Category: MISC      

Zoho ManageEngine DataSecurity Plus prior to 6.0.1 uses default admin credentials to communicate with a DataEngine Xnode server. This allows an attacker to bypass authentication for this server and execute all operations in the context of admin user.

References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11532


Relevant Information