CVE-2018-5340

4 documents4 sources

Severity

7.2HIGH

EPSS

7.1%

top 8.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Zohocorp Manageengine Desktop Central

Timeline

PublishedApr 18

Latest updateMay 13

Description

An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: database access using a superuser account (specifically, an account with permission to write to the filesystem via SQL queries).

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages1 packages

▶NVDzohocorp/manageengine_desktop_central10.0.124, 10.0.184+1

🔴Vulnerability Details

GHSA

GHSA-rgxg-7vf9-fg6x: An issue was discovered in Zoho ManageEngine Desktop Central 10↗2022-05-13

▶

OSV

ckeditor vulnerabilities↗2022-03-23

▶

CVEList

CVE-2018-5340: An issue was discovered in Zoho ManageEngine Desktop Central 10↗2018-04-18

▶