Authentication Bypass in ManageEngine Applications Manager
CVE-2008-0476

Currently unrated

Key Information:

Vendor: Manageengine
Status: Applications Manager
Vendor: CVE Published:; 29 January 2008

Summary

ManageEngine Applications Manager version 8.1 build 8100 is subject to an authentication bypass vulnerability that allows remote attackers unauthorized access to sensitive information. The flaw arises due to the lack of proper authentication checks for certain functionalities, notably monitorType.do, enabling potential attackers to alter settings and retrieve confidential data via unspecified methods. This vulnerability compromises the integrity and security of the application, posing a significant risk to user information.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/39915

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/27443

vdb-entryx_refsource_BID

http://secunia.com/advisories/28332

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jan 29, 2008
Vulnerability Reserved
Jan 29, 2008