#VU46734 Improper Authentication


Published: 2020-09-15

Vulnerability identifier: #VU46734

Vulnerability risk: High

CVSSv3: 8.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-287

Exploitation vector: Network

Exploit availability: No

Vulnerable software: Zoho ManageEngine Desktop Central
Universal components / Libraries / Software for developers

Vendor: Zoho Corporation Pvt. Ltd.

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests in agent-server communication. A remote attacker can bypass authentication process and gain unauthorized access to the application.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Zoho ManageEngine Desktop Central : -, 10.0.200, 10.0.255, 10.0.271, 10.0.276, 10.0.282, 10.0.283, 10.0.288, 10.0.289, 10.0.310, 10.0.312, 10.0.320, 10.0.321, 10.0.396, 10.0.413, 10.0.414, 10.0.415, 10.0.416, 10.0.421, 10.0.422, 10.0.423, 10.0.425, 10.0.426, 10.0.428, 10.0.429, 10.0.430, 10.0.431, 10.0.432, 10.0.433, 10.0.434, 10.0.435, 10.0.436, 10.0.445, 10.0.447, 10.0.448, 10.0.449, 10.0.450, 10.0.451, 10.0.452, 10.0.453, 10.0.454, 10.0.455, 10.0.456, 10.0.457, 10.0.458, 10.0.465, 10.0.466, 10.0.467, 10.0.468, 10.0.469, 10.0.470, 10.0.471, 10.0.472, 10.0.473, 10.0.474, 10.0.475, 10.0.476, 10.0.477, 10.0.478, 10.0.479, 10.0.480, 10.0.481, 10.0.482, 10.0.483, 10.0.484, 10.0.500, 10.0.501, 10.0.506, 10.0.507, 10.0.508, 10.0.509, 10.0.510, 10.0.511, 10.0.512, 10.0.513, 10.0.514, 10.0.515, 10.0.516, 10.0.517, 10.0.522, 10.0.523, 10.0.524, 10.0.525, 10.0.526, 10.0.527, 10.0.528, 10.0.529, 10.0.530, 10.0.531, 10.0.545, 10.0.546, 10.0.549, 10.0.550, 10.0.552, 10.0.553, 10.0.554, 10.0.555, 10.0.556, 10.0.557, 10.0.558, 10.0.570, 10.0.571, 10.0.572, 10.0.573, 10.0.574

CPE

External links
https://www.manageengine.com/products/desktop-central/hotfix-readme1.html#


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability