Unrated severityNVD Advisory· Published Apr 26, 2023· Updated Feb 3, 2025
CVE-2023-29443
CVE-2023-29443
Description
Zoho ManageEngine ServiceDesk Plus before 14105, ServiceDesk Plus MSP before 14200, SupportCenter Plus before 14200, and AssetExplorer before 6989 allow SDAdmin attackers to conduct XXE attacks via a crafted server that sends malformed XML from a Reports integration API endpoint.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Zoho/ManageEngine ServiceDesk Plusdescription
- Range: <6989
- Range: <14200
- Range: <14105
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.