CVE-2018-7248

MEDIUM

Zoho ManageEngine ServiceDesk Plus 9.3 Build 9317 - Info Disclosure

Title source: llm

Description

An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3 Build 9317. Unauthenticated users are able to validate domain user accounts by sending a request containing the username to an API endpoint. The endpoint will return the user's logon domain if the account exists, or 'null' if it does not.

Exploits (1)

gitlab WORKING POC 1 stars
by e-sterling · poc
https://gitlab.com/e-sterling/cve-2018-7248

Scores

CVSS v3 5.3
EPSS 0.0519
EPSS Percentile 89.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

Status published
Products (1)
zohocorp/manageengine_servicedesk_plus 9.3 9317
Published May 11, 2018
Tracked Since Feb 18, 2026