Vulnerabilities > CVE-2020-28050 - Incorrect Authorization vulnerability in Zohocorp Manageengine Desktop Central

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

NVD

Published: 2021-03-05

Updated: 2021-07-21

Summary

Zoho ManageEngine Desktop Central before build 10.0.647 allows a single authentication secret from multiple agents to communicate with the server.

Part	Description	Count
Application	Zohocorp Zohocorp Manageengine Desktop Central - Zohocorp Manageengine Desktop Central 7.0 Zohocorp Manageengine Desktop Central 7.0.0 Zohocorp Manageengine Desktop Central 7.0.1 Zohocorp Manageengine Desktop Central 8.0.0 Zohocorp Manageengine Desktop Central 9.0 Zohocorp Manageengine Desktop Central 9.1.0 Zohocorp Manageengine Desktop Central 10 Zohocorp Manageengine Desktop Central 10.0.0 Zohocorp Manageengine Desktop Central 10.0.124 Zohocorp Manageengine Desktop Central 10.0.184 Zohocorp Manageengine Desktop Central 10.0.271 Zohocorp Manageengine Desktop Central 10.0.289 Zohocorp Manageengine Desktop Central 10.0.290 Zohocorp Manageengine Desktop Central 10.0.380 Zohocorp Manageengine Desktop Central 10.0.430 Zohocorp Manageengine Desktop Central 10.0.484 Zohocorp Manageengine Desktop Central 10.0.533 Zohocorp Manageengine Desktop Central 10.0.552.W	20