Lucene search
ManageEngineCVELIST:CVE-2024-38869HistoryAug 23, 2024 - 2:07 p.m.
CVE-2024-38869 Incorrect Authorization
2024-08-2314:07:46
CWE-863
ManageEngine
www.cve.org
2
zohocorp
manageengine
servicedesk plus
servicedesk plus msp
supportcenter plus
stored xss
vulnerability
cve-2024-38869
CVSS3
8.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
EPSS
0.003
Percentile
71.1%
Zohocorp ManageEngine Endpoint Central affected byΒ Incorrect authorization vulnerability in remote office deploy configurations.This issue affects Endpoint Central: before 11.3.2416.04 and before 11.3.2400.25.
CNA Affected
[
{
"collectionURL": "https://www.manageengine.com/?pos=EndpointCentral",
"defaultStatus": "unaffected",
"product": "Endpoint Central",
"vendor": "ManageEngine",
"versions": [
{
"lessThan": "11.3.2416.04",
"status": "affected",
"version": "0",
"versionType": "11.3.2416.04"
},
{
"lessThan": "11.3.2400.25",
"status": "affected",
"version": "0",
"versionType": "11.3.2400.25"
}
]
}
]Related
nvd
nvd
CVE-2024-38869
2024-08-23 15:15:15
cve
cve
CVE-2024-38869
2024-08-23 15:15:15
vulnrichment
vulnrichment
CVE-2024-38869 Incorrect Authorization
2024-08-23 14:07:46
CVSS3
8.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
EPSS
0.003
Percentile
71.1%
Related for CVELIST:CVE-2024-38869