Summary
This host is running ManageEngine ServiceDesk Plus and is prone to an authentication bypass vulnerability.
Impact
Successful exploitation will allow an attacker to get user names and passwords of registered users. This may allow an attacker to steal cookie-based authentication credentials and launch further attacks.
Impact Level: Application
Solution
The vendor has released a patch to fix this issue; refer to the link below for more information.
http://www.manageengine.com/products/service-desk/readme-8.0.html
Insight
The flaw is due to an error in the authentication process: user passwords are pseudo-encrypted and stored locally in user cookies, and the JavaScript code that encrypts and decrypts the passwords is in the Login.js file.
Affected
ManageEngine ServiceDesk Plus 8.0 Build 8013 and prior.
Severity
CVE: CVE-2011-1509
CVSS Base Score: 5.0
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N