CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2024-38868 – Incorrect Authorization
https://notcve.org/view.php?id=CVE-2024-38868
Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isolating the devices.This issue affects Endpoint Central: before 11.3.2406.08 and before 11.3.2400.15 • https://www.manageengine.com/products/desktop-central/security-updates-ngav.html • CWE-863: Incorrect Authorization •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-38869 – Incorrect Authorization
https://notcve.org/view.php?id=CVE-2024-38869
An Stored Cross-site Scripting vulnerability affects Zohocorp ManageEngine ServiceDesk Plus, ServiceDesk Plus MSP and SupportCenter Plus.This issue affects ServiceDesk Plus versions: through 14810; ServiceDesk Plus MSP: through 14800; SupportCenter Plus: through 14800. Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability in remote office deploy configurations.This issue affects Endpoint Central: before 11.3.2416.04 and before 11.3.2400.25. • https://www.manageengine.com/products/service-desk/CVE-2024-41150.html https://www.manageengine.com/products/desktop-central/security-updates-config-access.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-863: Incorrect Authorization •