CVE-2022-40772

EPSS 0.07%
Veröffentlicht 23.11.2022 18:15:12
Zuletzt bearbeitet 28.04.2025 20:15:20
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Zohocorp ≫ Manageengine Servicedesk Plus Version < 14.0

Zohocorp ≫ Manageengine Servicedesk Plus Version14.0 Update-

Zohocorp ≫ Manageengine Servicedesk Plus Version14.0 Update14000

Zohocorp ≫ Manageengine Servicedesk Plus Msp Version < 10.6

Zohocorp ≫ Manageengine Servicedesk Plus Msp Version10.6 Update-

Zohocorp ≫ Manageengine Servicedesk Plus Msp Version10.6 Update10600

Zohocorp ≫ Manageengine Servicedesk Plus Msp Version10.6 Update10601

Zohocorp ≫ Manageengine Servicedesk Plus Msp Version10.6 Update10602

Zohocorp ≫ Manageengine Servicedesk Plus Msp Version10.6 Update10603

Zohocorp ≫ Manageengine Servicedesk Plus Msp Version10.6 Update10604

Zohocorp ≫ Manageengine Servicedesk Plus Msp Version10.6 Update10605

Zohocorp ≫ Manageengine Servicedesk Plus Msp Version10.6 Update10606

Zohocorp ≫ Manageengine Servicedesk Plus Msp Version10.6 Update10607

Zohocorp ≫ Manageengine Servicedesk Plus Msp Version10.6 Update10608

Zohocorp ≫ Manageengine Supportcenter Plus Version < 11.0

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update-

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11000

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11001

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11002

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11003

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11004

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11005

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11006

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11007

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11008

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11009

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11010

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11011

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11012

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11013

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11014

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11015

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11016

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11017

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11018

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11019

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11020

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11021

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11022

Zohocorp ≫ Manageengine Supportcenter Plus Version11.0 Update11024

Zohocorp ≫ Manageengine Assetexplorer Version < 6.9

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update-

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6900

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6901

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6902

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6903

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6904

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6905

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6906

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6907

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6908

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6909

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6950

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6951

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6952

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6953

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6954

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6955

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6956

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6957

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6970

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6971

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6972

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6973

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6974

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6975

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6976

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6977

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6978

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6979

Zohocorp ≫ Manageengine Assetexplorer Version6.9 Update6980

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.227

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

https://manageengine.com

Vendor Advisory

https://www.manageengine.com/products/service-desk/CVE-2022-40772.html

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-40772

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-40772

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-40772

EUVD