Intrusion Prevention

ManageEngine.ServiceDesk.File.Upload.Directory.Traversal

Description

This indicates an attack attempt against a Security Policy Bypass vulnerability in ManageEngine ServiceDesk.
The vulnerability is due to improper validation when a user tries to access a specific resource. Via a crafted request, a remote attacker can exploit this to upload a malicious file to the affected machine and execute it in the context of the current user.

Affected Products

ManageEngine ServiceDesk Plus prior to 9.0 build 9103

Impact

System Compromise: Remote attackers can execute arbitrary code in the context of the affected user

Recommended Actions

Apply the latest update from the vendor:
https://www.manageengine.com/products/service-desk/service-packs.html

Other References

ZDI-15-396