Vulnerability Details CVE-2024-9097
ManageEngine Endpoint Central versions before 11.3.2440.09 are vulnerable to IDOR vulnerability which allows the attacker to change the username in the chat.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.5%
CVSS Severity
CVSS v3 Score 3.5
Products affected by CVE-2024-9097
-
cpe:2.3:a:zohocorp:manageengine_endpoint_central:11.3.2428.01
-
cpe:2.3:a:zohocorp:manageengine_endpoint_central:11.3.2428.02
-
cpe:2.3:a:zohocorp:manageengine_endpoint_central:11.3.2428.04
-
cpe:2.3:a:zohocorp:manageengine_endpoint_central:11.3.2428.07
-
cpe:2.3:a:zohocorp:manageengine_endpoint_central:11.3.2428.09
-
cpe:2.3:a:zohocorp:manageengine_endpoint_central:11.3.2428.13
-
cpe:2.3:a:zohocorp:manageengine_endpoint_central:11.3.2428.14
-
cpe:2.3:a:zohocorp:manageengine_endpoint_central:11.3.2428.15
-
cpe:2.3:a:zohocorp:manageengine_endpoint_central:11.3.2428.18
-
cpe:2.3:a:zohocorp:manageengine_endpoint_central:11.3.2428.20
-
cpe:2.3:a:zohocorp:manageengine_endpoint_central:11.3.2428.21
-
cpe:2.3:a:zohocorp:manageengine_endpoint_central:11.3.2428.22
-
cpe:2.3:a:zohocorp:manageengine_endpoint_central:11.3.2428.24