CVE-2022-23779: Infoleak
First published: Wed Mar 02 2022(Updated: )
Zoho ManageEngine Desktop Central before 10.1.2137.8 exposes the installed server name to anyone. The internal hostname can be discovered by reading HTTP redirect responses.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zohocorp Manageengine Desktop Central | <10.1.2137.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-23779?
CVE-2022-23779 is a vulnerability in Zoho ManageEngine Desktop Central before version 10.1.2137.8 that exposes the installed server name to anyone.
How does CVE-2022-23779 affect Zoho ManageEngine Desktop Central?
CVE-2022-23779 allows anyone to discover the internal hostname of Zoho ManageEngine Desktop Central by reading HTTP redirect responses.
What is the severity of CVE-2022-23779?
The severity of CVE-2022-23779 is medium (5.3).
How can I fix CVE-2022-23779?
To fix CVE-2022-23779, it is recommended to upgrade Zoho ManageEngine Desktop Central to version 10.1.2137.8 or later.
Where can I find more information about CVE-2022-23779?
More information about CVE-2022-23779 can be found at the following link: https://www.manageengine.com/products/desktop-central/cve-2022-23779.html
- collector/nvd-index
- agent/severity
- vendor/zohocorp
- canonical/zohocorp manageengine desktop central