CVE-2022-42903

Zoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to view the organization users list.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
CISA-ADPADP
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
VendorProductVersion
zohocorpmanageengine_supportcenter_plus
11.0
zohocorpmanageengine_supportcenter_plus
11.0:11000
zohocorpmanageengine_supportcenter_plus
11.0:11001
zohocorpmanageengine_supportcenter_plus
11.0:11002
zohocorpmanageengine_supportcenter_plus
11.0:11003
zohocorpmanageengine_supportcenter_plus
11.0:11004
zohocorpmanageengine_supportcenter_plus
11.0:11005
zohocorpmanageengine_supportcenter_plus
11.0:11006
zohocorpmanageengine_supportcenter_plus
11.0:11007
zohocorpmanageengine_supportcenter_plus
11.0:11008
zohocorpmanageengine_supportcenter_plus
11.0:11009
zohocorpmanageengine_supportcenter_plus
11.0:11010
zohocorpmanageengine_supportcenter_plus
11.0:11011
zohocorpmanageengine_supportcenter_plus
11.0:11012
zohocorpmanageengine_supportcenter_plus
11.0:11013
zohocorpmanageengine_supportcenter_plus
11.0:11014
zohocorpmanageengine_supportcenter_plus
11.0:11015
zohocorpmanageengine_supportcenter_plus
11.0:11016
zohocorpmanageengine_supportcenter_plus
11.0:11017
zohocorpmanageengine_supportcenter_plus
11.0:11018
zohocorpmanageengine_supportcenter_plus
11.0:11019
zohocorpmanageengine_supportcenter_plus
11.0:11020
zohocorpmanageengine_supportcenter_plus
11.0:11021
zohocorpmanageengine_supportcenter_plus
11.0:11022
zohocorpmanageengine_supportcenter_plus
11.0:11024
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.manageengine.com/products/support-center/cve-2022-42903.html
https://www.manageengine.com/products/support-center/cve-2022-42903.html