CVE-2019-10273

2019-04-04T16:29:00
ID CVE-2019-10273
Type cve
Reporter cve@mitre.org
Modified 2019-05-06T15:58:00

Description

Information leakage vulnerability in the /mc login page in ManageEngine ServiceDesk Plus 9.3 software allows authenticated users to enumerate active users. Due to a flaw within the way the authentication is handled, an attacker is able to login and verify any active account.