Arbitrary Administrator Account Creation Vulnerability in ManageEngine Desktop Central
CVE-2014-7862 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
The DCPluginServelet servlet in ManageEngine Desktop Central and Desktop Central MSP before build 90109 allows remote attackers to create administrator accounts via an addPlugInUser action.
Learn more about our Cis Benchmark Audit For Desktop Software.