exploitDog

GHSA-p7qv-g8g6-53r3

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

Incomplete List of Disallowed Inputs in ManageEngine ServiceDesk Plus before version 11205 allows a remote, authenticated attacker to execute arbitrary commands with SYSTEM privileges.

Incomplete List of Disallowed Inputs in ManageEngine ServiceDesk Plus before version 11205 allows a remote, authenticated attacker to execute arbitrary commands with SYSTEM privileges.

Ссылки

EPSS

Процентиль: 98%

0.64528

Средний

7.2 High

CVSS3

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2021-20081

CVSS3: 7.2

nvd

больше 4 лет назад

Incomplete List of Disallowed Inputs in ManageEngine ServiceDesk Plus before version 11205 allows a remote, authenticated attacker to execute arbitrary commands with SYSTEM privileges.

EPSS

Процентиль: 98%

0.64528

Средний

7.2 High

CVSS3

CVE ID

Дефекты

CWE-20