6 matches found
Metasploit Weekly Wrap-Up
ICPR Certificate Management This week Metasploit has a new ICPR Certificate Management module from Oliver Lyak and our very own Spencer McIntyre, which can be utilized for issuing certificates via Active Directory Certificate Services. It has the capability to issue certificates which is useful i...
CVE-2020-11532
creationtimestamp| type| source ---|---|--- 2022-09-01 14:09:11+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/manageengineadauditplusxnodeenum.rb 2022-09-01 14:09:11+00:00| seen|...
Zoho ManageEngine DataSecurity Plus Authentication Bypass (CVE-2020-11532)
An authentication bypass vulnerability exists in Zoho ManageEngine DataSecurity Plus. The vulnerability is due to the presence of hardcoded default credentials for the Dataengine Xnode server component...
ManageEngine DataSecurity Plus Authentication Bypass Vulnerability
ManageEngine DataSecurity Plus versions prior to 6.0.1 and ADAudit Plus versions prior to 6.0.3 suffer from an authentication bypass vulnerability. ManageEngine DataSecurity Plus Authentication Bypass Identifiers ------------------------------------------------- CVE-2020-11532 XL-20-002 CVSSv3...
CVE-2020-11532
CVE-2020-11532 affects ManageEngine ADAudit Plus and DataSecurity Plus via the DataEngine Xnode server. Connected sources confirm that default admin credentials can be used to bypass authentication and perform actions with admin privileges, enabling data enumeration of Xnode repositories (e.g., d...
ManageEngine DataSecurity Plus Authentication Bypass
XL-2020-002 - DataSecurity Plus Xnode Server - Authentication Bypass =============================================================================== Identifiers ------------------------------------------------- CVE-2020-11532 XL-20-002 CVSSv3 score ------------------------------------------------...