Zoho ManageEngine ServiceDesk Plus prior to 14202, ServiceDesk Plus MSP prior to 14300, and SupportCenter Plus prior to 14300 have a privilege escalation vulnerability in the Release module that allows unprivileged users to access the Reminders of a release ticket and make modifications.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zohocorp manageengine servicedesk plus |
||
zohocorp manageengine servicedesk plus 14.2 |
||
zohocorp manageengine servicedesk plus msp |
||
zohocorp manageengine servicedesk plus msp 14.2 |
||
zohocorp manageengine supportcenter plus |
||
zohocorp manageengine supportcenter plus 14.2 |