Page 3 of 21 results (0.003 seconds)
CVSS: 9.8EPSS: 9%CPEs: 1EXPL: 1
CVSS: 9.8EPSS: 9%CPEs: 1EXPL: 1CVE-2018-11717
https://notcve.org/view.php?id=CVE-2018-11717
16 Jul 2018 — An issue was discovered in Zoho ManageEngine Desktop Central before 100251. By leveraging access to a log file, a context-dependent attacker can obtain (depending on the modules configured) the Base64 encoded Password/Username of AD accounts, the cleartext Password/Username and mail settings of the EAS account (an AD account used to send mail), the cleartext password of recovery_password of Android devices, the cleartext password of account "set", the location of devices enrolled in the platform (with UUID ... • https://blog.netxp.fr/manageengine-deep-exploitation • CWE-532: Insertion of Sensitive Information into Log File •