漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
N/A
漏洞信息
An issue was discovered in Zoho ManageEngine Desktop Central before 100251. By leveraging access to a log file, a context-dependent attacker can obtain (depending on the modules configured) the Base64 encoded Password/Username of AD accounts, the cleartext Password/Username and mail settings of the EAS account (an AD account used to send mail), the cleartext password of recovery_password of Android devices, the cleartext password of account "set", the location of devices enrolled in the platform (with UUID and information related to the name of the person at the location), critical information about all enrolled devices such as Serial Number, UUID, Model, Name, and auth_session_token (usable to spoof a terminal identity on the platform), etc.
漏洞信息
N/A
漏洞
N/A
漏洞
ZOHO ManageEngine Desktop Central 安全漏洞
漏洞信息
ZOHO ManageEngine Desktop Central(DC)是美国卓豪(ZOHO)公司的一套桌面管理解决方案。该方案包含软件分发、补丁管理、系统配置、远程控制等功能模块,可对桌面机以及服务器管理的整个生命周期提供支持。 ZOHO ManageEngine DC 100251之前版本中存在安全漏洞。攻击者可借助日志文件的访问权限利用该漏洞获取AD账户的Base64编码的用户名/密码,EAS账户的邮件设备及明文密码/用户名,Android设备的recovery_password的明文密码,‘se
漏洞信息
N/A
漏洞
N/A