Published: 23/11/2022 Updated: 29/11/2022

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

Subscribe to Manageengine Servicedesk Plus

Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module.

Vulnerable Product	Search on Vulmon	Subscribe to Product
zohocorp manageengine servicedesk plus
zohocorp manageengine servicedesk plus 14.0
zohocorp manageengine servicedesk plus msp 10.6
zohocorp manageengine servicedesk plus msp
zohocorp manageengine supportcenter plus 11.0
zohocorp manageengine supportcenter plus
zohocorp manageengine assetexplorer 6.9
zohocorp manageengine assetexplorer

CVE-2022-40772 Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module authentication complexity vector not available not available not available confidentiality integrity availability not available not available not available CVSS Score: not available

CWE-269 https://manageengine.com https://www.manageengine.com/products/service-desk/CVE-2022-40772.html https://github.com/Live-Hack-CVE/CVE-2022-40772 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-40772

Vulnerability Summary

Most Upvoted Vulmon Research Post

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect