CVE-2022-40771

Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to an XML External Entity attack that leads to Information Disclosure...

ManageEngine AssetExplorer 6.9 Build 6980 XXE

An XML external entity XXE vulnerability exists in ManageEngine AssetExplorer 6.9 Build 6980 due to a flaw in the Analytics Plus integration. Threat actors with admin role access can retrieve local files from the server running the affected products. Note that Nessus has not tested for this issue...

ManageEngine ServiceDesk Plus < 14.0 Build 14001 Multiple Vulnerabilities

The version of ManageEngine ServiceDesk Plus running on the remote host is prior to 14.0 Build 14001. It is, therefore, affected by multiple vulnerabilities, including the following: - An XML external entity XXE vulnerability due to a flaw in the Analytics Plus integration. Threat actors with adm...

ManageEngine SupportCenter Plus < 11.0 Build 11026 Multiple Vulnerabilities

The version of ManageEngine SupportCenter Plus prior to 11.0 Build 11026 is running on the remote web server. It is, therefore, affected by multiple vulnerabilities, including the following: - A remote code execution vulnerability due to a flaw in the Analytics Plus integration input field...

CVE-2022-40771

creationtimestamp| type| source ---|---|--- 2022-11-23 20:14:09+00:00| seen| https://t.me/cibsecurity/53450 2025-04-28 20:11:23+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13735...

CVE-2022-40771

CVE-2022-40771 affects Zoho ManageEngine ServiceDesk Plus versions 13010 and earlier. The vulnerability is an XML External Entity (XXE) issue in the Analytics Plus integration that can lead to information disclosure. The CVSS v3.1 vector is AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N with a base score of...