Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2757


Vulnerability Score 5.0 5.0
CVE Id CVE-2011-2757
Last Modified 19 Jul 2011 12:00:00
Published 17 Jul 2011 04:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the FILENAME parameter. NOTE: this might overlap the US-CERT VU#543310 issue.

Vulnerable Systems


  • Manageengine Servicedesk Plus 7.0.0

  • Manageengine Servicedesk Plus 7.6

  • Manageengine Servicedesk Plus 8.0

  • Manageengine Servicedesk Plus


EXPLOIT-DB - 17503

Last Updated: 27 May 2016 10:57:06