CVE-2023-4769 | Server-Side Request Forgery in ManageEngine Desktop Central
A SSRF vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0, specifically the /smtpConfig.do component. This vulnerability could allow an authenticated attacker to launch targeted attacks, such as a cross-port attack, service enumeration and other attacks via HTTP requests.
Conclusion & alert: CVE-2023-4769 is rated Moderate Risk (59.9/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 3.25%).Core evidence: EPSS rose +3.12% over the last day, indicating growing attacker interest.Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
Exploit prediction scoring system (EPSS) score for CVE-2023-4769
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).