Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:DIR:MANAGEENGINE
Severity	Major
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	ManageEngine Multiple Products File Attachment Directory Traversal
Release Date	2015/01/28
Update Number	2462
Supported Platforms	idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: ManageEngine Multiple Products File Attachment Directory Traversal

This signature detects directory traversal attack attempts on ManageEngine ServiceDesk Plus, AssetExplorer, SupportCenter and IT360. A successful attack scenario, the attacker can execute arbitrary code with SYSTEM privileges by placing executable files in critical locations.

Extended Description

Directory traversal vulnerability in ServiceDesk Plus MSP v5 to v9.0 v9030; AssetExplorer v4 to v6.1; SupportCenter v5 to v7.9; IT360 v8 to v10.4.

Affected Products

Manageengine assetexplorer -
Manageengine it360 -
Manageengine servicedesk_plus -
Manageengine supportcenter -

References

CVE: CVE-2014-5301

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: ManageEngine Multiple Products File Attachment Directory Traversal

Extended Description

Affected Products

References