← back
CVE-2014-5377

CVE-2014-5377

50Vexday Risk Score

Patch soon. It has a working public exploit.

ssvc Attendepss 57%
from disclosure to weapon0 days
Published on NVDSep 4
1st PoCAug 28
metasploitAug 28
exploitation probability
57%top 1% of all CVEs
observed exploitation
nono source reports it
3 public exploit(s)
ReadUsersFromMasterServlet in ManageEngine DeviceExpert before 5.9 build 5981 allows remote attackers to obtain user account credentials via a direct request.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.