CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile: 100.0%
Added: 02/17/2023
Zoho ManageEngine ServiceDesk Plus is IT helpdesk software.
A vulnerability in an outdated Apache Santuario library in ServiceDesk Plus allows a remote, unauthenticated attacker to execute arbitrary commands by sending a specially crafted **SAMLResponse** parameter to the SAML endpoint.
Upgrade to ServiceDesk Plus 14004 or higher.
<https://www.manageengine.com/security/advisory/CVE/cve-2022-47966.html>
<https://www.horizon3.ai/manageengine-cve-2022-47966-technical-deep-dive/>
The target must have been configured with SAML-based SSO at least once in the past in order to be exploitable.
Windows