Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-38869

Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability in remote office deploy configurations.This issue affects Endpoint Central: before 11.3.2416.04 and before 11.3.2400.25.

Published

2024-08-23T15:15:15.843

Last Modified

2024-08-30T18:15:07.150

Status

Modified

Source

0fc0942c-577d-436f-ae8e-945763c79b02

Severity

CVSSv3.1: 8.3 (HIGH)

Weaknesses

Type: Secondary
CWE-863
Type: Primary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	zohocorp	manageengine_servicedesk_plus	≤ 14.7	Yes
Application	zohocorp	manageengine_servicedesk_plus	14.8	Yes
Application	zohocorp	manageengine_servicedesk_plus_msp	≤ 14.7	Yes
Application	zohocorp	manageengine_servicedesk_plus_msp	14.8	Yes
Application	zohocorp	manageengine_supportcenter_plus	≤ 14.7	Yes
Application	zohocorp	manageengine_supportcenter_plus	14.8	Yes

References

https://www.manageengine.com/products/desktop-central/security-updates-config-access.html (0fc0942c-577d-436f-ae8e-945763c79b02)