Vulnerabilities > CVE-2022-42903 - Missing Authorization vulnerability in Zohocorp Manageengine Supportcenter Plus 11.0

047910
CVSS 3.3 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
local
low complexity
zohocorp
CWE-862
NVD
Published: 2022-11-17
Updated: 2023-08-08

Summary

Zoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to view the organization users list.

Vulnerable Configurations

Part Description Count
Application
Zohocorp
25

Common Weakness Enumeration (CWE)

References