Security News > 2018 > March > Flaws in ManageEngine apps opens enterprise systems to compromise

Researchers have discovered multiple severe vulnerabilities in ManageEngine’s line of tools for internal IT support teams, which are used by over half of Fortune 500 companies. About the vulnerabilities The first flaw affects EventLog Analyzer 11.8 and Log360 5.3, and could be exploited to achieve remote code execution with the same privileges as the user that started the application, by uploading a web shell to be written to the web root. The rest of the … More → The post Flaws in ManageEngine apps opens enterprise systems to compromise appeared first on Help Net Security.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/_S0Smun2pxY/