CVE-2023-22964
CVE-2023-22964
9.1
CriticalPublished:
Last updated:
Source:cve@mitre.org
Modified
Weakness (CWE)
CVSS Vector
v3.1- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- Scope
- Unchanged
- Confidentiality
- High
- Integrity
- High
- Availability
- None
Description
Zoho ManageEngine ServiceDesk Plus MSP before 10611, and 13x before 13004, is vulnerable to authentication bypass when LDAP authentication is enabled.
References
cve@mitre.org
https://manageengine.comaf854a3a-2127-422b-91ae-364da2661108
https://manageengine.comaf854a3a-2127-422b-91ae-364da2661108
https://www.manageengine.com/products/service-desk-msp/cve-2023-22964.html