Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Zoho ManageEngine SupportCenter Plus before 11023, V3 API requests are vulnerable to authentication bypass. (An API request may, in effect, be executed with the credentials of a user who authenticated in the past.)
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ZOHO ManageEngine SupportCenter Plus 授权问题漏洞
Vulnerability Description
ZOHO ManageEngine SupportCenter Plus是印度ZOHO公司的一种基于 Web 的客户支持软件。用于让组织有效地管理客户请求、他们的帐户和联系信息、服务合同,并在此过程中提供卓越的客户体验。 ZOHO ManageEngine SupportCenter Plus 11022、11021 和 11020版本存在安全漏洞,该漏洞源于缺乏适当的机制来清除以前经过身份验证的用户的凭据,攻击者利用该漏洞可以执行 V3 API 操作。
CVSS Information
N/A
Vulnerability Type
N/A