GCVE - cpe:2.3:a:manageengine:servicedesk:9.3.9328:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:manageengine:servicedesk:9.3.9328:*:*:*:*:*:*:*

part: a version: 9.3.9328 update: *

Vendor	Manageengine (`b7eba64e-d5d7-5395-be8c-84fe138ee37e`)
Product	Servicedesk (`99b38a2c-84c7-582a-90bb-1869088a1539`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2017-11512`	vulnerable	2026-06-03 14:36:28.856366	Details available The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the name parameter for the download-snapshot URL. An unauthenticated remote attacker can use this vulnerability to download arbitrary files. Published: 2017-11-08T22:00:00.000Z Updated: 2024-09-16T17:02:50.915Z Open on db.gcve.eu Reference links https://www.tenable.com/security/research/tra-2017-31 http://www.securityfocus.com/bid/101789	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-11511`	vulnerable	2026-06-03 14:36:28.855944	Details available The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the filepath parameter for the download-file URL. An unauthenticated remote attacker can use this vulnerability to download arbitrary files. Published: 2017-11-08T22:00:00.000Z Updated: 2024-09-17T03:17:32.319Z Open on db.gcve.eu Reference links https://www.tenable.com/security/research/tra-2017-31 http://www.securityfocus.com/bid/101788	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.