Auth Bypass via API in Zoho ManageEngine SupportCenter Plus V3
CVE-2022-36412 Published on July 26, 2022

In Zoho ManageEngine SupportCenter Plus before 11023, V3 API requests are vulnerable to authentication bypass. (An API request may, in effect, be executed with the credentials of a user who authenticated in the past.)

NVD

Products Associated with CVE-2022-36412

Want to know whenever a new CVE is published for Zoho Corp Manageengine Supportcenter Plus? stack.watch will email you.

Zoho Corp Manageengine Supportcenter Plus

Exploit Probability

EPSS

1.50%

Percentile

80.86%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Auth Bypass via API in Zoho ManageEngine SupportCenter Plus V3CVE-2022-36412 Published on July 26, 2022

Products Associated with CVE-2022-36412

Exploit Probability

Auth Bypass via API in Zoho ManageEngine SupportCenter Plus V3
CVE-2022-36412 Published on July 26, 2022