exploitDog

GHSA-q2mg-h8mw-6fvw

Опубликовано: 23 нояб. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module.

Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module.

Ссылки

EPSS

Процентиль: 67%

0.00536

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-269

Связанные уязвимости

CVE-2022-40772

CVSS3: 6.5

nvd

около 3 лет назад

Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module.

EPSS

Процентиль: 67%

0.00536

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-269