Vulnerability Details : CVE-2023-4768
A CRLF injection vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0. This vulnerability could allow a remote attacker to inject arbitrary HTTP headers and perform HTTP response splitting attacks via the fileName parameter in /STATE_ID/1613157927228/InvSWMetering.pdf.
Published
2023-11-03 11:15:08
Updated
2023-11-13 18:28:18
Exploit prediction scoring system (EPSS) score for CVE-2023-4768
0.46%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 75 %
Percentile, the proportion of vulnerabilities that are scored at or less