Headline
CVE-2019-12537: ManageEngine AssetExplorer Read Me
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the SearchN.do search field.
AssetExplorer is comprehensive Asset Management Software that offers enterprise-wide asset visibility and control to manage all your IT and Non-IT assets. With integrated Software Asset Management, you can manage software licenses and ensure Software License Compliance. AssetExplorer offers Contract Management and complete Purchase Order System with an approval system.
AssetExplorer Features
- IT and Non-IT asset management.
- Complete IT-asset Discovery helps you scan Workstations, Printers, Switches, Routers, and Access Points.
- Detailed workstation inventory with Hardware, software details such as processors, software installed, memory changes, mouse and so on.
- Software Asset Management helps you track purchased software license versus installed software to ensure software compliance.
- Software License Metering helps you track Frequently and Rarely used software to make informed future purchase decisions.
- Manage Asset contracts and get notified on contract before renewal dates.
- Implement complete Purchase Order Cycle with Approvals.
- Comprehensive Network Audit History provides comprehensive Workstations, Hardware and software changes.
Please get back to us with your feedbacks. Feel free to mail your suggessions, views, and opinions about the product.
Email:
Online Demo: http://demo.assetexplorer.com/
Phone: +1 888 720 9500
Related news
Zoho ManageEngine Asset Explorer 6.5 does not validate the System Center Configuration Manager (SCCM) database username when dynamically generating a command to schedule scans for SCCM. This allows an attacker to execute arbitrary commands on the AssetExplorer Server with NT AUTHORITY/SYSTEM privileges.