3 matches found
The vulnerability of the web application agent for managing IT assets, ManageEngine AssetExplorer, allows a perpetrator to execute arbitrary code or trigger a service failure.
The vulnerability of the ManageEngine AssetExplorer, a web application for managing IT assets, is related to errors in the certificate validation process. Exploiting this vulnerability could allow an attacker to execute arbitrary code or trigger a service failure using specially crafted NEWSCAN...
UBUNTU-CVE-2021-20109
Due to the Asset Explorer agent not validating HTTPS certificates, an attacker on the network can statically configure their IP address to match the Asset Explorer's Server IP address. This will allow an attacker to send a NEWSCAN request to a listening agent on the network as well as receive the...
CVE-2021-20110
Due to Manage Engine Asset Explorer Agent 1.0.34 not validating HTTPS certificates, an attacker on the network can statically configure their IP address to match the Asset Explorer's Server IP address. This will allow an attacker to send a NEWSCAN request to a listening agent on the network as we...