SynopsisThe remote web server contains a Java-based web application that is affected by an information disclosure vulnerability.
DescriptionThe ManageEngine Desktop Central application running on the remote host is prior to version 10 build 10.0.515. It is, therefore, affected by an information disclosure vulnerability in the PDFGenerationServlet component due to improper access controls. An unauthenticated, remote attacker can exploit this to disclose potentially sensitive information.
SolutionUpgrade to ManageEngine Desktop Central version 10 build 10.0.515 or later.