In Zoho ManageEngine SupportCenter Plus before 11023, V3 API requests are vulnerable to authentication bypass. (An API request may, in effect, be executed with the credentials of a user who authenticated in the past.)
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-07-26T13:34:05
Updated: 2024-08-03T10:07:33.111Z
Reserved: 2022-07-23T00:00:00
Link: CVE-2022-36412
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-07-26T14:15:09.297
Modified: 2024-11-21T07:12:57.710
Link: CVE-2022-36412
Redhat
No data.