Vulnerability Details CVE-2016-4889
ZOHO ManageEngine ServiceDesk Plus before 9.0 allows remote authenticated guest users to have unspecified impact by leveraging failure to restrict access to unknown functions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.043
EPSS Ranking 88.5%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
- http://jvn.jp/en/jp/JVN89726415/index.html
- http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000170.html
- http://www.securityfocus.com/bid/93215
- https://www.manageengine.com/products/service-desk/readme-9.0.html
- http://jvn.jp/en/jp/JVN89726415/index.html
- http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000170.html
- http://www.securityfocus.com/bid/93215
- https://www.manageengine.com/products/service-desk/readme-9.0.html
Products affected by CVE-2016-4889
-
cpe:2.3:a:zohocorp:servicedesk_plus:*