CVE-2022-41339 In MDM Plus, user privileges can be escalated.

An attacker with high privileges can access system settings and modify the settings. An attacker with high privileges can access system settings and modify the settings.

There is no password protection for the Administrator role. Therefore, any user with the Administrator role can change the settings of the system, which might negatively affect the system. There is no password protection for the Administrator role. Therefore, any user with the Administrator role can change the settings of the system, which might negatively affect the system. RESOLUTION: Update to version 10.1.2217.0 or later.

Affected Software:

The following versions are affected:
- 10.1.2217.0
- 10.1.2216.0
- 10.1.2215.0
- 10.1.2214.0
- 10.1.2213.0
- 10a5b18d5ba9f6b43fe8e5c5caf7ac093

Summary

An attacker with high privileges can access system settings and modify the settings. An attacker with high privileges can access system settings and modify the settings. RESOLUTION: Update to version 10.1.2217.0 or later.

CPU and Memory Usage

The system is configured with one CPU and 1 GB of RAM. The system is configured with one CPU and 1 GB of RAM.

Vendor Response:

The vendor responded to the vulnerability report and resolved it. The vendor responded to the vulnerability report and resolved it.

CVE-2021-41334

An attacker with the Administrator role can access system settings and modify the settings.

Timeline

Published on: 11/12/2022 04:15:00 UTC
Last modified on: 11/16/2022 18:03:00 UTC

References

• https://www.manageengine.com/mobile-device-management/kb/CVE-2022-41339.html
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-41339