CVE-2024-38868

CWE-863Incorrect Authorization3 documents3 sources
Severity
8.3HIGH
EPSS
0.3%
top 46.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Manageengine Endpoint CentralZohocorp Manageengine Endpoint Central
Timeline
PublishedAug 30

Description

Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isolating the devices.This issue affects Endpoint Central: before 11.3.2406.08 and before 11.3.2400.15

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:LExploitability: 2.8 | Impact: 4.7

Affected Packages2 packages

NVDzohocorp/manageengine_endpoint_central11.3.2401.0511.3.2406.08+1
CVEListV5manageengine/endpoint_central< 11.3.2406.08+1

🔴Vulnerability Details

2
GHSA
GHSA-fcrv-q4xw-6crp: Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isolating the devices2024-08-30
CVEList
Incorrect Authorization2024-08-30
CVE-2024-38868 (HIGH CVSS 8.3) | Zohocorp ManageEngine Endpoint Cent | cvebase.io