CVE-2018-13412
N/A
N/A
Summary
An issue was discovered in the Self Service Portal in Zoho ManageEngine Desktop Central before 10.0.282. A clickable company logo in a window running as SYSTEM can be abused to escalate privileges. In cloud, the issue is fixed in 10.0.470 agent version.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/105348
- https://www.manageengine.com/products/desktop-central/elevation-of-system-privilege.html
- https://github.com/AJ-SA/Zoho-ManageEngine/blob/master/README.md
References
- http://www.securityfocus.com/bid/105348
- https://www.manageengine.com/products/desktop-central/elevation-of-system-privilege.html
- https://github.com/AJ-SA/Zoho-ManageEngine/blob/master/README.md
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.