ManageEngine EventLog Analyzer agentHandler Information Disclosure (CVE-2014-6038)
An information disclosure vulnerability exists in ManageEngine EventLog Analyzer. The vulnerability is due to a failure to restrict access to confidential data and an input validation error in the agentHandler servlet. A remote unauthenticated attacker can exploit the vulnerability to disclose...