ZohoCorp ManageEngine ServiceDesk Plus 9.3
Approved changes feed: RSS · Atom
cpe:2.3:a:zohocorp:servicedesk_plus:9.3:*:*:*:*:*:*:*
part: a version: 9.3 update: *
| Vendor | Zohocorp (4f1ab088-ab0e-54ac-b0dc-2304879a7502) |
|---|---|
| Product | Servicedesk Plus (c29e36b0-6e78-50bd-9812-7a1830f4e1c0) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2019-10008 |
vulnerable | 2026-06-03 14:39:21.141722 |
Details available
Zoho ManageEngine ServiceDesk 9.3 allows session hijacking and privilege escalation because an established guest session is automatically converted into an established administrator session when the guest user enters the administrator username, with an arbitrary incorrect password, in an mc/ login attempt within a different browser tab.
Published: 2019-04-24T18:58:55.000Z
Updated: 2024-08-04T22:10:08.609Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.