7.5

CVE-2022-35403

EPSS 2.81%
Published 12.07.2022 22:15:08
Last modified 21.11.2024 07:11:06
Source cve@mitre.org
Teams watchlist Login
Open Login

Zoho ManageEngine ServiceDesk Plus before 13008, ServiceDesk Plus MSP before 10606, and SupportCenter Plus before 11022 are affected by an unauthenticated local file disclosure vulnerability via ticket-creation email. (This also affects Asset Explorer before 6977 with authentication.)

Affected products Warnungen 0 Metrics 3 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Zohocorp ≫ Manageengine Servicedesk Plus Version < 13.0

Zohocorp ≫ Manageengine Servicedesk Plus Version13.0 Update13000

Zohocorp ≫ Manageengine Servicedesk Plus Version13.0 Update13001

Zohocorp ≫ Manageengine Servicedesk Plus Version13.0 Update13002

Zohocorp ≫ Manageengine Servicedesk Plus Version13.0 Update13003

Zohocorp ≫ Manageengine Servicedesk Plus Version13.0 Update13004

Zohocorp ≫ Manageengine Servicedesk Plus Version13.0 Update13005

Zohocorp ≫ Manageengine Servicedesk Plus Version13.0 Update13006

Zohocorp ≫ Manageengine Servicedesk Plus Version13.0 Update13007

Zohocorp ≫ Manageengine Servicedesk Plus Msp Version < 10.6

Zohocorp ≫ Manageengine Servicedesk Plus Msp Version10.6 Update10600

Zohocorp ≫ Manageengine Servicedesk Plus Msp Version10.6 Update10601

Zohocorp ≫ Manageengine Servicedesk Plus Msp Version10.6 Update10602

Zohocorp ≫ Manageengine Servicedesk Plus Msp Version10.6 Update10603

Zohocorp ≫ Manageengine Servicedesk Plus Msp Version10.6 Update10604

Zohocorp ≫ Manageengine Servicedesk Plus Msp Version10.6 Update10605

Zohocorp ≫ Manageengine Supportcenter Plus Version < 11.0

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11000

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11001

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11002

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11003

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11004

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11005

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11006

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11007

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11008

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11009

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11010

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11011

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11012

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11013

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11014

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11015

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11016

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11017

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11018

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11019

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11020

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11021

Zohocorp ≫ Manageengine Assetexplorer Version < 6.9

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6900

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6901

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6902

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6903

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6904

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6905

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6906

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6907

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6908

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6909

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6950

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6951

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6952

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6953

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6954

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6955

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6956

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6957

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6970

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6971

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6972

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6973

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6974

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6975

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6976

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2.81%	0.856

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

https://www.manageengine.com/products/service-desk/cve-2022-35403.html

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-35403

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-35403

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-35403

EUVD