CVE-2022-36412

In Zoho ManageEngine SupportCenter Plus before 11023, V3 API requests are vulnerable to authentication bypass. (An API request may, in effect, be executed with the credentials of a user who authenticated in the past.)
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11021:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11020:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11022:*:*:*:*:*:*

Information

Published : 2022-07-26 07:15

Updated : 2022-08-02 13:05


NVD link : CVE-2022-36412

Mitre link : CVE-2022-36412


JSON object : View

CWE
CWE-287

Improper Authentication

Advertisement

dedicated server usa

Products Affected

zohocorp

  • manageengine_supportcenter_plus