Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-9371

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2014-9371
Last Modified 06 Mar 2015 10:30:36
Published 16 Dec 2014 01:59:17
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-9371

Summary

The NativeAppServlet in ManageEngine Desktop Central MSP before 90075 allows remote attackers to execute arbitrary code via a crafted JSON object.

Vulnerable Systems

Application

  • Manageengine Desktop Central 9.0

  • Zohocorp Manageengine Desktop Central 9.0


References

MISC - http://www.zerodayinitiative.com/advisories/ZDI-14-420/


Last Updated: 27 May 2016 11:07:58