CVE-2024-10203

CWE-269Improper Privilege Management3 documents3 sources
Severity
7.8HIGH
EPSS
0.1%
top 82.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Manageengine Endpoint CentralZohocorp Manageengine Endpoint Central
Timeline
PublishedNov 7

Description

Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are vulnerable to Arbitrary File Deletion in the agent installed machines.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages2 packages

NVDzohocorp/manageengine_endpoint_central11.3.2428.0111.3.2428.09+1
CVEListV5manageengine/endpoint_central< 11.3.2416.22+1

🔴Vulnerability Details

2
CVEList
Agent Arbitrary File Deletion2024-11-07
GHSA
GHSA-976j-3f9q-58vp: Zohocorp ManageEngine EndPoint Central versions 112024-11-07
CVE-2024-10203 (HIGH CVSS 7.8) | Zohocorp ManageEngine EndPoint Cent | cvebase.io