CVE-2023-26600
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
06/03/2023
Last modified:
06/03/2025
Description
ManageEngine ServiceDesk Plus through 14104, ServiceDesk Plus MSP through 14000, Support Center Plus through 14000, and Asset Explorer through 6987 allow privilege escalation via query reports.
Impact
Base Score 3.x
6.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:zohocorp:manageengine_assetexplorer:*:*:*:*:*:*:*:* | 6.9 (excluding) | |
| cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:-:*:*:*:*:*:* | ||
| cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6900:*:*:*:*:*:* | ||
| cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6901:*:*:*:*:*:* | ||
| cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6902:*:*:*:*:*:* | ||
| cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6903:*:*:*:*:*:* | ||
| cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6904:*:*:*:*:*:* | ||
| cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6905:*:*:*:*:*:* | ||
| cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6906:*:*:*:*:*:* | ||
| cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6907:*:*:*:*:*:* | ||
| cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6908:*:*:*:*:*:* | ||
| cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6909:*:*:*:*:*:* | ||
| cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6950:*:*:*:*:*:* | ||
| cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6951:*:*:*:*:*:* | ||
| cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6952:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page