CVE-2022-32551: Path Traversal
First published: Fri Jul 01 2022(Updated: )
Zoho ManageEngine ServiceDesk Plus MSP before 10604 allows path traversal (to WEBINF/web.xml from sample/WEB-INF/web.xml or sample/META-INF/web.xml).
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zoho ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus | <10.6 | |
| Zoho ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus | =10.6 | |
| Zoho ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus | =10.6-10600 | |
| Zoho ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus | =10.6-10601 | |
| Zoho ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus | =10.6-10602 | |
| Zoho ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus | =10.6-10603 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2022-32551.
What is the title of this vulnerability?
The title of this vulnerability is 'Zoho ManageEngine ServiceDesk Plus MSP before 10604 allows path traversal'.
What is the severity of CVE-2022-32551?
The severity of CVE-2022-32551 is high.
Which versions of Zoho ManageEngine ServiceDesk Plus MSP are affected by this vulnerability?
Zoho ManageEngine ServiceDesk Plus MSP versions up to 10.6-10604 are affected by this vulnerability.
How can I fix the path traversal vulnerability in Zoho ManageEngine ServiceDesk Plus MSP?
To fix the path traversal vulnerability in Zoho ManageEngine ServiceDesk Plus MSP, it is recommended to update to version 10.6-10604 or later.
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/event
- agent/weakness
- agent/description
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/zohocorp
- canonical/zoho manageengine servicedesk plus (sdp) / supportcenter plus
- version/zoho manageengine servicedesk plus (sdp) / supportcenter plus/10.6
- version/zoho manageengine servicedesk plus (sdp) / supportcenter plus/10.6-10600
- version/zoho manageengine servicedesk plus (sdp) / supportcenter plus/10.6-10601
- version/zoho manageengine servicedesk plus (sdp) / supportcenter plus/10.6-10602
- version/zoho manageengine servicedesk plus (sdp) / supportcenter plus/10.6-10603