Description
Zoho ManageEngine ServiceDesk Plus MSP before 10609 and SupportCenter Plus before 11025 are vulnerable to privilege escalation. This allows users to obtain sensitive data during an exportMickeyList export of requests from the list view.
Related CPE's
a
zohocorp
manageengine_servicedesk_plus_msp
11
a
zohocorp
manageengine_supportcenter_plus
26
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 · High
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2022-11-12T04:15:09.010
2 years agoLast modified
2023-08-08T14:21:49.707
1 year ago