CVE-2023-4769 Information

Description

A SSRF vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0 specifically the /smtpConfig.do component. This vulnerability could allow an authenticated attacker to launch targeted attacks such as a cross-port attack service enumeration and other attacks via HTTP requests.

Reference

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-manageengine-desktop-central