Server-Side Request Forgery in ManageEngine Desktop Central
CVE-2023-4769
8.8HIGH
What is CVE-2023-4769?
An SSRF vulnerability has been identified in ManageEngine Desktop Central, particularly in the /smtpConfig.do component. This flaw may allow authenticated attackers to conduct targeted attacks, including cross-port exploitation and service enumeration, by crafting malicious HTTP requests. Attackers can leverage this vulnerability to gain unauthorized access to internal services or execute other disruptive maneuvers within the network environment.
Affected Version(s)
Desktop Central 9.1.0