Published: 23/11/2022 Updated: 28/11/2022

CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2

Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to authenticated command injection. This can be exploited by high-privileged users.

Vulnerable Product	Search on Vulmon	Subscribe to Product
zohocorp manageengine servicedesk plus 13.0
zohocorp manageengine servicedesk plus
zohocorp manageengine servicedesk plus msp 10.6
zohocorp manageengine servicedesk plus msp
zohocorp manageengine supportcenter plus 11.0
zohocorp manageengine supportcenter plus

CVE-2022-40770 Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to authenticated command injection This can be exploited by high-privileged users authentication complexity vector not available not available not available confidentiality integrity availability not available not available not available CVSS Score: not available Refe

CWE-77 https://manageengine.com https://www.manageengine.com/products/service-desk/CVE-2022-40770.html https://github.com/Live-Hack-CVE/CVE-2022-40770 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-40770

Vulnerability Summary

Most Upvoted Vulmon Research Post

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect