Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:MISC:MANAGE-ENGNE-ADMIN-AC
Severity	Minor
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	ManageEngine Desktop Central Servlet AddPluginUser Action Admin Account Creation
Release Date	2015/01/08
Update Number	2457
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: ManageEngine Desktop Central Servlet AddPluginUser Action Admin Account Creation

This signature detects attempts to exploit a known vulnerability against ManageEngine Desktop. A successful exploit can lead to admin account creation.

Extended Description

The DCPluginServelet servlet in ManageEngine Desktop Central and Desktop Central MSP before build 90109 allows remote attackers to create administrator accounts via an addPlugInUser action.

References

CVE: CVE-2014-7862

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: ManageEngine Desktop Central Servlet AddPluginUser Action Admin Account Creation

Extended Description

References