ManageEngine ServiceDesk version 9.0 prior to build 9031 suffers from a remote user enumeration vulnerability.