Directory Traversal Vulnerability in ManageEngine ServiceDesk Plus
CVE-2011-2755

Currently unrated

Key Information:

Vendor: Manageengine
Status: Servicedesk Plus
Vendor: CVE Published:; 17 July 2011

Summary

A directory traversal vulnerability exists in the FileDownload.jsp component of ManageEngine ServiceDesk Plus 8.0 prior to Build 8012. This flaw enables remote attackers to access arbitrary files on the server by exploiting unspecified vectors, which could lead to unauthorized disclosure of sensitive information. It is imperative for users to apply the necessary updates to safeguard against potential risks associated with this vulnerability.

References

http://www.kb.cert.org/vuls/id/543310

third-party-advisoryx_refsource_CERT-VN

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 17, 2011