Manageengine Servicedesk Plus Msp vulnerabilities

4 known vulnerabilities affecting manageengine/servicedesk_plus_msp.

Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2025-8309HIGHCVSS 8.1fixed in 149402025-08-20
CVE-2025-8309 [HIGH] CWE-269 CVE-2025-8309: There is an improper privilege management vulnerability identified in ManageEngine's Asset Explorer, There is an improper privilege management vulnerability identified in ManageEngine's Asset Explorer, ServiceDesk Plus, ServiceDesk Plus MSP, and SupportCenter Plus products by Zohocorp. This vulnerability impacts Asset Explorer versions before 7710, ServiceDesk Plus versions before 15110, ServiceDesk Plus MSP versions before 14940, and SupportCenter Pl
cvelistv5nvd
CVE-2025-3444MEDIUMCVSS 6.5fixed in 149202025-05-22
CVE-2025-3444 [MEDIUM] CWE-434 CVE-2025-3444: Zohocorp ManageEngine ServiceDesk Plus MSP and SupportCenter Plus versions below 14920 are vulnerabl Zohocorp ManageEngine ServiceDesk Plus MSP and SupportCenter Plus versions below 14920 are vulnerable to authenticated Local File Inclusion (LFI) in the Admin module, where help card content is loaded.
cvelistv5nvd
CVE-2024-50053MEDIUMCVSS 5.4≤ 149002025-03-21
CVE-2024-50053 [MEDIUM] CWE-79 CVE-2024-50053: Zohocorp ManageEngine ServiceDesk Plus versions below 14920 , ServiceDesk Plus MSP and SupportCentre Zohocorp ManageEngine ServiceDesk Plus versions below 14920 , ServiceDesk Plus MSP and SupportCentre Plus versions below 14910 are vulnerable to Stored XSS in the task feature.
cvelistv5nvd
CVE-2024-41150MEDIUMCVSS 6.1≤ 148002024-08-23
CVE-2024-41150 [MEDIUM] CWE-79 CVE-2024-41150: An Stored Cross-site Scripting vulnerability in request module affects Zohocorp ManageEngine Service An Stored Cross-site Scripting vulnerability in request module affects Zohocorp ManageEngine ServiceDesk Plus, ServiceDesk Plus MSP and SupportCenter Plus.This issue affects ServiceDesk Plus versions: through 14810; ServiceDesk Plus MSP: through 14800; SupportCenter Plus: through 14800.
cvelistv5nvd