Keith Lee Yong Ming

**Name of the Vulnerable Software and Affected Versions** ManageEngine ServiceDesk Plus versions prior to 8.0 Build 8012 **Description** A directory traversal issue exists, allowing remote attackers to read arbitrary files. **Recommendations** For versions prior to 8.0 Build 8012, update to Build 8012 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** ManageEngine ServiceDesk Plus version 8.0 before Build 8012 **Description** The issue concerns a lack of authentication requirement in the FileDownload.jsp component, allowing remote attackers to read files from a specific directory. **Recommendations** For ManageEngine ServiceDesk Plus version 8.0 before Build 8012, update to Build 8012 or later to resolve the issue.