exploitDog

CVE-2025-11248

Опубликовано: 27 окт. 2025

Источник: nvd

CVSS3: 3.2

CVSS3: 4.3

EPSS Низкий

Описание

ZohoCorp ManageEngine Endpoint Central versions prior to 11.4.2528.05 are vulnerable to a sensitive information logging issue. An authenticated user with access to the logs could potentially obtain the sensitive agent token.

Ссылки

https://www.manageengine.com/products/desktop-central/CVE-2025-11248.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:zohocorp:manageengine_endpoint_central:*:*:*:*:*:*:*:*

Версия до 11.4.2528.05 (исключая)

EPSS

Процентиль: 41%

0.00189

Низкий

3.2 Low

CVSS3

4.3 Medium

CVSS3

Дефекты

CWE-532

Связанные уязвимости

GHSA-8r3p-hrm4-g839

CVSS3: 3.2

github

3 месяца назад

ZohoCorp ManageEngine Endpoint Central versions prior to 11.4.2528.05 are vulnerable to a sensitive information logging issue. An authenticated user with access to the logs could potentially obtain the sensitive agent token.

EPSS

Процентиль: 41%

0.00189

Низкий

3.2 Low

CVSS3

4.3 Medium

CVSS3

Дефекты

CWE-532

Уязвимость CVE-2025-11248