Lucene search
+L

6 matches found

Rapid7 Blog
Rapid7 Blog
added 2022/09/02 7:39 p.m.171 views

Metasploit Weekly Wrap-Up

ICPR Certificate Management This week Metasploit has a new ICPR Certificate Management module from Oliver Lyak and our very own Spencer McIntyre, which can be utilized for issuing certificates via Active Directory Certificate Services. It has the capability to issue certificates which is useful i...

10CVSS8.5AI score0.99374EPSS
Exploits93
Circl
Circl
added 2022/09/01 2:9 p.m.22 views

CVE-2020-11532

creationtimestamp| type| source ---|---|--- 2022-09-01 14:09:11+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/manageengineadauditplusxnodeenum.rb 2022-09-01 14:09:11+00:00| seen|...

10CVSS8.7AI score0.77477EPSS
Exploits7References4
Check Point Advisories
Check Point Advisories
added 2020/05/27 12:0 a.m.75 views

Zoho ManageEngine DataSecurity Plus Authentication Bypass (CVE-2020-11532)

An authentication bypass vulnerability exists in Zoho ManageEngine DataSecurity Plus. The vulnerability is due to the presence of hardcoded default credentials for the Dataengine Xnode server component...

10CVSS2.1AI score0.77477EPSS
Exploits7
0day.today
0day.today
added 2020/05/09 12:0 a.m.77 views

ManageEngine DataSecurity Plus Authentication Bypass Vulnerability

ManageEngine DataSecurity Plus versions prior to 6.0.1 and ADAudit Plus versions prior to 6.0.3 suffer from an authentication bypass vulnerability. ManageEngine DataSecurity Plus Authentication Bypass Identifiers ------------------------------------------------- CVE-2020-11532 XL-20-002 CVSSv3...

10CVSS9.4AI score0.77477EPSS
Exploits7
CVE
CVE
added 2020/05/08 8:2 p.m.212 views

CVE-2020-11532

CVE-2020-11532 affects ManageEngine ADAudit Plus and DataSecurity Plus via the DataEngine Xnode server. Connected sources confirm that default admin credentials can be used to bypass authentication and perform actions with admin privileges, enabling data enumeration of Xnode repositories (e.g., d...

10CVSS9.5AI score0.77477EPSS
Exploits7References3Affected Software2
Packet Storm
Packet Storm
added 2020/05/08 12:0 a.m.213 views

ManageEngine DataSecurity Plus Authentication Bypass

XL-2020-002 - DataSecurity Plus Xnode Server - Authentication Bypass =============================================================================== Identifiers ------------------------------------------------- CVE-2020-11532 XL-20-002 CVSSv3 score ------------------------------------------------...

10CVSS0.7AI score0.77477EPSS
Exploits7
Rows per page
Query Builder