Loading
ManageEngine ServiceDesk Plus through 14104, ServiceDesk Plus MSP through 14000, Support Center Plus through 14000, and Asset Explorer through 6987 allow privilege escalation via query reports.
Use CWE-269, Zohocorp vendor hub and Manageengine Assetexplorer product page to widen CVE-2023-26600 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2022-47966, CVE-2021-20110 and CVE-2023-35785 for nearby disclosures in the same product family.