CVE-2016-9489

In ManageEngine Applications Manager 12 and 13 before build 13200, an authenticated user is able to alter all of their own properties, including own group, i.e. changing their group to one with higher privileges like "ADMIN". A user is also able to change properties of another user, e.g. change...

CVE-2016-9489

ManageEngine Applications Manager (product family) versions 12 and 13 before build 13200 are affected. An authenticated user can modify their own properties (including group) to gain higher privileges (e.g., ADMIN) and can alter properties of other users, such as changing another user’s password....

CVE-2016-9489 ManageEngine Applications Manager 12 and 13 is vulnerable to privilege escalation and authentication bypass

In ManageEngine Applications Manager 12 and 13 before build 13200, an authenticated user is able to alter all of their own properties, including own group, i.e. changing their group to one with higher privileges like "ADMIN". A user is also able to change properties of another user, e.g. change...

ManageEngine Applications Manager < 13200 Multiple Vulnerabilities

ManageEngine Applications Manager is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...