2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2022-35403" ,
"sourceIdentifier" : "cve@mitre.org" ,
"published" : "2022-07-12T22:15:08.327" ,
"lastModified" : "2022-07-19T18:02:57.190" ,
"vulnStatus" : "Analyzed" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Zoho ManageEngine ServiceDesk Plus before 13008, ServiceDesk Plus MSP before 10606, and SupportCenter Plus before 11022 are affected by an unauthenticated local file disclosure vulnerability via ticket-creation email. (This also affects Asset Explorer before 6977 with authentication.)"
} ,
{
"lang" : "es" ,
"value" : "Zoho ManageEngine ServiceDesk Plus versiones anteriores a 13008, ServiceDesk Plus MSP versiones anteriores a 10606 y SupportCenter Plus versiones anteriores a 11022 est\u00e1n afectados por una vulnerabilidad de divulgaci\u00f3n de archivos locales sin autenticaci\u00f3n por medio del correo electr\u00f3nico de creaci\u00f3n de tickets. (Esto tambi\u00e9n afecta a Asset Explorer versiones anteriores a 6977 con autenticaci\u00f3n)"
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" ,
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "NONE" ,
"availabilityImpact" : "NONE" ,
"baseScore" : 7.5 ,
"baseSeverity" : "HIGH"
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 3.6
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N" ,
"accessVector" : "NETWORK" ,
"accessComplexity" : "LOW" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "PARTIAL" ,
"integrityImpact" : "NONE" ,
"availabilityImpact" : "NONE" ,
"baseScore" : 5.0
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 10.0 ,
"impactScore" : 2.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "NVD-CWE-noinfo"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "13.0" ,
"matchCriteriaId" : "19B93A05-EDB4-4E02-926D-17E967ECBF91"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:13000:*:*:*:*:*:*" ,
"matchCriteriaId" : "B0B75973-355C-447E-BBEA-18459A5736C8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:13001:*:*:*:*:*:*" ,
"matchCriteriaId" : "7E45A9C9-EE09-493E-AE75-BACCD86B97EB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:13002:*:*:*:*:*:*" ,
"matchCriteriaId" : "4509077B-AD20-49B3-B23D-A0BC9E7A07E1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:13003:*:*:*:*:*:*" ,
"matchCriteriaId" : "2B5066A4-D8F9-452D-9686-49B5B33EE326"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:13004:*:*:*:*:*:*" ,
"matchCriteriaId" : "A221A081-71CD-437F-9FE2-6A255A816BD3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:13005:*:*:*:*:*:*" ,
"matchCriteriaId" : "883692B3-A95D-46F5-9E52-7694AF30CBAA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:13006:*:*:*:*:*:*" ,
"matchCriteriaId" : "D3C36A1A-9E47-4343-936A-711C7234D125"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:13007:*:*:*:*:*:*" ,
"matchCriteriaId" : "D7875DEA-DE8F-4AF1-BCE7-FDF2A59C1DED"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "10.6" ,
"matchCriteriaId" : "D0647726-47C1-4CF5-91AA-E3E18776842C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.6:10600:*:*:*:*:*:*" ,
"matchCriteriaId" : "877000C8-0405-481D-95CC-72B783457401"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.6:10601:*:*:*:*:*:*" ,
"matchCriteriaId" : "1DC5243C-C10E-46A1-A71E-7E736FC651E2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.6:10602:*:*:*:*:*:*" ,
"matchCriteriaId" : "C17D5800-8A5A-44BE-ACE3-6FB21631551C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.6:10603:*:*:*:*:*:*" ,
"matchCriteriaId" : "D27B7FA3-95C7-469F-BAB8-3CAE35AE7CD1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.6:10604:*:*:*:*:*:*" ,
"matchCriteriaId" : "C1671DFA-9DAA-41E5-9528-50F63D32FBF1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.6:10605:*:*:*:*:*:*" ,
"matchCriteriaId" : "9F539D31-62C3-4129-8B56-8CDCD8F8E0A8"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "11.0" ,
"matchCriteriaId" : "791D8E77-1A6B-4739-A6E6-BF91E978144E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11000:*:*:*:*:*:*" ,
"matchCriteriaId" : "D788203D-B169-4C98-B090-B070630750DF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11001:*:*:*:*:*:*" ,
"matchCriteriaId" : "846EA6AB-9588-4D9F-AEBD-83B018BE7362"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11002:*:*:*:*:*:*" ,
"matchCriteriaId" : "BDD540F2-C964-40DE-91AB-DE726AAA82A8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11003:*:*:*:*:*:*" ,
"matchCriteriaId" : "AB196A6F-FBD8-4573-B1B2-BE2B06BD1AC5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11004:*:*:*:*:*:*" ,
"matchCriteriaId" : "685783DB-DD06-4D9C-9E83-63449D5B60D9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11005:*:*:*:*:*:*" ,
"matchCriteriaId" : "C371F2CD-A1F8-4EC7-8096-D61DEA337D44"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11006:*:*:*:*:*:*" ,
"matchCriteriaId" : "B980A72F-53E2-4FC1-AA25-743AE8650641"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11007:*:*:*:*:*:*" ,
"matchCriteriaId" : "68289AE6-F348-401A-BE49-08889492B23B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11008:*:*:*:*:*:*" ,
"matchCriteriaId" : "A0667DC3-8315-4F2B-BAB7-D1F1CA476D68"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11009:*:*:*:*:*:*" ,
"matchCriteriaId" : "34C768E0-FF5B-413D-87B2-9D09F28F95DC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11010:*:*:*:*:*:*" ,
"matchCriteriaId" : "5570C5A9-A79B-48CF-B95D-3513F7B9BAF7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11011:*:*:*:*:*:*" ,
"matchCriteriaId" : "B77031F5-E097-4549-BF5E-1D0718AB52B9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11012:*:*:*:*:*:*" ,
"matchCriteriaId" : "5A9C0879-8AE5-4E6E-998C-E79FC418C68A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11013:*:*:*:*:*:*" ,
"matchCriteriaId" : "3F1F21D7-08E8-4637-903B-4277399C0BD7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11014:*:*:*:*:*:*" ,
"matchCriteriaId" : "97920D1C-62BA-4B10-9912-C2ED1C1B0313"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11015:*:*:*:*:*:*" ,
"matchCriteriaId" : "023C6278-1FF9-4E79-8D95-32BE71701D37"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11016:*:*:*:*:*:*" ,
"matchCriteriaId" : "34EFB9EF-269E-4A72-8357-2A54E8B78C84"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11017:*:*:*:*:*:*" ,
"matchCriteriaId" : "35366F60-D6E2-4B29-B593-D24079CE6831"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11018:*:*:*:*:*:*" ,
"matchCriteriaId" : "CB60E016-82DD-41EC-85F9-D4F37AF1F8E3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11019:*:*:*:*:*:*" ,
"matchCriteriaId" : "9B83E37C-B1F6-4CEB-8A8E-39E24BE8B59C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11020:*:*:*:*:*:*" ,
"matchCriteriaId" : "80B62BA0-2CF1-4828-99A9-7DD13CFCB9BE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0:11021:*:*:*:*:*:*" ,
"matchCriteriaId" : "7F529DB6-4D30-49F8-BFE2-C10C1A899917"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "6.9" ,
"matchCriteriaId" : "A6DEEF51-0977-4061-9919-803DFD144E10"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6900:*:*:*:*:*:*" ,
"matchCriteriaId" : "7D0754D0-5B28-4851-89A2-DC5B20CFF3E8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6901:*:*:*:*:*:*" ,
"matchCriteriaId" : "6E0CAA5B-16A1-4637-B90A-BFAF7381CCD9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6902:*:*:*:*:*:*" ,
"matchCriteriaId" : "48A960D7-7AB2-43F4-99FC-5B1FE69BFDB6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6903:*:*:*:*:*:*" ,
"matchCriteriaId" : "B293513C-9ECB-4512-B1B8-A470C6115458"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6904:*:*:*:*:*:*" ,
"matchCriteriaId" : "5D9B89EB-C51F-4A70-A6DF-1BD326308DA5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6905:*:*:*:*:*:*" ,
"matchCriteriaId" : "9B708143-01B3-45D0-A769-E1D8E99237B5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6906:*:*:*:*:*:*" ,
"matchCriteriaId" : "F1837C80-7D1F-4AF5-BF4B-932DF03D6A30"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6907:*:*:*:*:*:*" ,
"matchCriteriaId" : "4E528B83-1539-4516-9ACF-A05E853014DF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6908:*:*:*:*:*:*" ,
"matchCriteriaId" : "CBFB65BC-5B94-4075-BBB1-4CD8B5B216C3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6909:*:*:*:*:*:*" ,
"matchCriteriaId" : "7FAF3DFA-78FB-417C-808A-507F66889913"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6950:*:*:*:*:*:*" ,
"matchCriteriaId" : "E9506197-CDDA-451B-9FE3-72B3C3BA19EF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6951:*:*:*:*:*:*" ,
"matchCriteriaId" : "691DF8EC-6A7A-4449-8A4C-79F76726D685"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6952:*:*:*:*:*:*" ,
"matchCriteriaId" : "0B3E2B0A-EB1E-45C3-BC2C-9E32268A0867"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6953:*:*:*:*:*:*" ,
"matchCriteriaId" : "E1BD2753-52B8-4EB0-8332-C67935FB8B47"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6954:*:*:*:*:*:*" ,
"matchCriteriaId" : "E8BD08BF-4E5D-4DE4-A499-B0296C126599"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6955:*:*:*:*:*:*" ,
"matchCriteriaId" : "F13CB227-496C-4777-BE76-27AFF5ED15C2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6956:*:*:*:*:*:*" ,
"matchCriteriaId" : "2AB1DF8F-3385-40C6-92C5-10724F8A6911"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6957:*:*:*:*:*:*" ,
"matchCriteriaId" : "C1997DE8-8CFA-4882-9107-741B88339A67"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6970:*:*:*:*:*:*" ,
"matchCriteriaId" : "148F6458-136D-4612-9619-F51AEEC11AA6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6971:*:*:*:*:*:*" ,
"matchCriteriaId" : "8B189696-D6BC-475B-90CA-AF122224FEAA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6972:*:*:*:*:*:*" ,
"matchCriteriaId" : "477C97EC-A497-4C7C-973B-2C057A9242AD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6973:*:*:*:*:*:*" ,
"matchCriteriaId" : "284F5D9D-F23F-4936-B461-10701CC3AB7C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6974:*:*:*:*:*:*" ,
"matchCriteriaId" : "74CE0145-F165-4FB4-A819-01B30641196A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6975:*:*:*:*:*:*" ,
"matchCriteriaId" : "CA291C44-616B-45D9-9709-61CD33E8B135"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6976:*:*:*:*:*:*" ,
"matchCriteriaId" : "C1C7492E-5D5B-419D-9749-7CC6EE5BC0FE"
}
]
}
]
}
] ,
"references" : [
{
"url" : "https://www.manageengine.com/products/service-desk/cve-2022-35403.html" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Patch" ,
"Vendor Advisory"
]
}
]
}
