First published: Tue Apr 05 2022(Updated: )
Zoho ManageEngine ServiceDesk Plus before 13001 allows anyone to know the organisation's default currency name.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zohocorp Manageengine Servicedesk Plus | <=12.0 | |
Zohocorp Manageengine Servicedesk Plus | =13.0-13000 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-25245 is a vulnerability in Zoho ManageEngine ServiceDesk Plus that allows anyone to know the organization's default currency name.
The severity of CVE-2022-25245 is medium, with a severity score of 5.3.
Versions up to 12.0 and version 13.0-13000 of Zoho ManageEngine ServiceDesk Plus are affected by CVE-2022-25245.
You can fix CVE-2022-25245 by updating Zoho ManageEngine ServiceDesk Plus to a patched version provided by Zohocorp.
You can find more information about CVE-2022-25245 on the official Zoho ManageEngine website and the Raxis blog.