Vulnerability Details CVE-2018-11716
An issue was discovered in Zoho ManageEngine Desktop Central before 100230. There is unauthenticated remote access to all log files of a Desktop Central instance containing critical information (private information such as location of enrolled devices, cleartext passwords, patching level, etc.) via a GET request on port 8022, 8443, or 8444.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.095
EPSS Ranking 92.4%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 5.0
References
Products affected by CVE-2018-11716
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:-
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.0
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.124
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.137
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.184
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.255
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.271
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.289
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.290
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.380
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.430
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.479
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.483
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.484
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.486
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.533
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.552.w
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.561
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.0.647
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.1.2119.7
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.1.2127.17
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.1.2127.18
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.1.2128.0
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.1.2137.2
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.1.2137.3
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.1.2137.8
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.1.2137.9
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:10.1.2228.10
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:2020-03-07
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:2020-03-27
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:7.0
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:7.0.0
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:7.0.1
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:8.0.0
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:9.0
-
cpe:2.3:a:zohocorp:manageengine_desktop_central:9.1.0