Unrated severityNVD Advisory· Published Apr 24, 2019· Updated Aug 4, 2024
CVE-2019-10008
CVE-2019-10008
Description
Zoho ManageEngine ServiceDesk 9.3 allows session hijacking and privilege escalation because an established guest session is automatically converted into an established administrator session when the guest user enters the administrator username, with an arbitrary incorrect password, in an mc/ login attempt within a different browser tab.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: =9.3
Patches
Vulnerability mechanics
References
2- www.exploit-db.com/exploits/46659mitreexploitx_refsource_EXPLOIT-DB
- www.manageengine.com/products/service-desk/readme.htmlmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.