23

 Multiple Zero-Day Vulnerabilities in ManageEngine Products   Science & Technology,Computers,Business Collaboration Results in Prompt Resolution Digital Defense, Inc., a leading security technology and services provider, today announced that its Vulnerability Research Team (VRT) uncovered multiple, previously undisclosed vulnerabilities within several ManageEngine products, allowing unauthenticated file upload, blind SQL injection, authenticated remote code execution and user enumeration, potentially revealing sensitive information or full compromise of the application. Affected applications include: ServiceDesk Plus, Service Plus MSP, OpManager, Firewall Analyzer, Network Configuration Manager, OpUtils and NetFlow Analyzer. ManageEngine is an innovative producer of enterprise IT management software, offering high-end functionality of large network management frameworks to enterprises worldwide. Currently, the company claims to have more than 40,000 customers worldwide, including t