Zoho ManageEngine ServiceDesk Plus before 14105, ServiceDesk Plus MSP before 14200, SupportCenter Plus before 14200, and AssetExplorer before 6989 allow SDAdmin attackers to conduct XXE attacks via a crafted server that sends malformed XML from a Reports integration API endpoint.
Metrics
Affected Vendors & Products
References
History
Mon, 03 Feb 2025 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2025-02-03T19:08:40.668Z
Reserved: 2023-04-06T00:00:00.000Z
Link: CVE-2023-29443

Updated: 2024-08-02T14:07:46.221Z

Status : Modified
Published: 2023-04-26T21:15:08.957
Modified: 2025-02-03T20:15:31.143
Link: CVE-2023-29443

No data.