CVE-2020-11532

2020-05-08T21:15:00
ID CVE-2020-11532
Type cve
Reporter cve@mitre.org
Modified 2020-05-18T12:15:00

Description

Zoho ManageEngine DataSecurity Plus prior to 6.0.1 uses default admin credentials to communicate with a DataEngine Xnode server. This allows an attacker to bypass authentication for this server and execute all operations in the context of admin user.