Zoho ManageEngine ServiceDesk Plus before 11134 allows an Authentication Bypass (only during SAML login).
References
Link | Resource |
---|---|
https://www.manageengine.com/products/service-desk/on-premises/readme.html#11134 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
18 Mar 2021, 20:28
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-863 | |
CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 8.8 |
CPE | cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11104:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11131:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:*:*:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11120:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11102:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11130:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11108:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11107:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11126:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11112:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11100:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11124:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11116:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11101:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11109:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11118:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11114:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11111:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11123:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11132:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11119:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11121:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11129:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11103:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11105:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11113:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11133:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11117:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11125:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11128:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11106:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11110:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11115:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11122:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11127:*:*:*:*:*:* |
|
References | (MISC) https://www.manageengine.com/products/service-desk/on-premises/readme.html#11134 - Vendor Advisory |
13 Mar 2021, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-03-13 19:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-35682
Mitre link : CVE-2020-35682
CVE.ORG link : CVE-2020-35682
JSON object : View
Products Affected
zohocorp
- manageengine_servicedesk_plus
CWE
CWE-863
Incorrect Authorization