User Account Credential Disclosure in ManageEngine DeviceExpert before 5.9 build 5981

User Account Credential Disclosure in ManageEngine DeviceExpert before 5.9 build 5981

CVE-2014-5377 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

ReadUsersFromMasterServlet in ManageEngine DeviceExpert before 5.9 build 5981 allows remote attackers to obtain user account credentials via a direct request.

Learn more about our User Device Pen Test.