Lucene search

MitreCVE-2022-42903

HistoryNov 17, 2022 - 10:15 p.m.

CVE-2022-42903

2022-11-1722:15:10

CWE-862

mitre

web.nvd.nist.gov

information security

vulnerability

cve-2022-42903

zoho

manageengine

supportcenter plus

organization users list

nvd

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

4.1

Confidence

High

EPSS

0.001

Percentile

26.8%

JSON

Zoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to view the organization users list.

Affected configurations

Nvd

Node

zohocorpmanageengine_supportcenter_plusMatch11.0-

zohocorpmanageengine_supportcenter_plusMatch11.011000

zohocorpmanageengine_supportcenter_plusMatch11.011001

zohocorpmanageengine_supportcenter_plusMatch11.011002

zohocorpmanageengine_supportcenter_plusMatch11.011003

zohocorpmanageengine_supportcenter_plusMatch11.011004

zohocorpmanageengine_supportcenter_plusMatch11.011005

zohocorpmanageengine_supportcenter_plusMatch11.011006

zohocorpmanageengine_supportcenter_plusMatch11.011007

zohocorpmanageengine_supportcenter_plusMatch11.011008

zohocorpmanageengine_supportcenter_plusMatch11.011009

zohocorpmanageengine_supportcenter_plusMatch11.011010

zohocorpmanageengine_supportcenter_plusMatch11.011011

zohocorpmanageengine_supportcenter_plusMatch11.011012

zohocorpmanageengine_supportcenter_plusMatch11.011013

zohocorpmanageengine_supportcenter_plusMatch11.011014

zohocorpmanageengine_supportcenter_plusMatch11.011015

zohocorpmanageengine_supportcenter_plusMatch11.011016

zohocorpmanageengine_supportcenter_plusMatch11.011017

zohocorpmanageengine_supportcenter_plusMatch11.011018

zohocorpmanageengine_supportcenter_plusMatch11.011019

zohocorpmanageengine_supportcenter_plusMatch11.011020

zohocorpmanageengine_supportcenter_plusMatch11.011021

zohocorpmanageengine_supportcenter_plusMatch11.011022

zohocorpmanageengine_supportcenter_plusMatch11.011024

VendorProductVersionCPE
zohocorpmanageengine_supportcenter_plus11.0cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:-:*:*:*:*:*:*
zohocorpmanageengine_supportcenter_plus11.0cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11000:*:*:*:*:*:*
zohocorpmanageengine_supportcenter_plus11.0cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11001:*:*:*:*:*:*
zohocorpmanageengine_supportcenter_plus11.0cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11002:*:*:*:*:*:*
zohocorpmanageengine_supportcenter_plus11.0cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11003:*:*:*:*:*:*
zohocorpmanageengine_supportcenter_plus11.0cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11004:*:*:*:*:*:*
zohocorpmanageengine_supportcenter_plus11.0cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11005:*:*:*:*:*:*
zohocorpmanageengine_supportcenter_plus11.0cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11006:*:*:*:*:*:*
zohocorpmanageengine_supportcenter_plus11.0cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11007:*:*:*:*:*:*
zohocorpmanageengine_supportcenter_plus11.0cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11008:*:*:*:*:*:*

Vendor	Product	Version	CPE
zohocorp	manageengine_supportcenter_plus	11.0	cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:-::::::
zohocorp	manageengine_supportcenter_plus	11.0	cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11000::::::
zohocorp	manageengine_supportcenter_plus	11.0	cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11001::::::
zohocorp	manageengine_supportcenter_plus	11.0	cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11002::::::
zohocorp	manageengine_supportcenter_plus	11.0	cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11003::::::
zohocorp	manageengine_supportcenter_plus	11.0	cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11004::::::
zohocorp	manageengine_supportcenter_plus	11.0	cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11005::::::
zohocorp	manageengine_supportcenter_plus	11.0	cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11006::::::
zohocorp	manageengine_supportcenter_plus	11.0	cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11007::::::
zohocorp	manageengine_supportcenter_plus	11.0	cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11008::::::

Rows per page:

1-10 of 251

References

www.manageengine.com/products/support-center/cve-2022-42903.html

Social References

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

4.1

Confidence

High

EPSS

0.001

Percentile

26.8%

JSON

Related for CVE-2022-42903