cpe:/a:manageengine:servicedesk:9.3.9328 CVE-2017-11511 2017-11-08T17:29:00.230-05:00 2019-10-09T19:22:08.887-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BID 101788 MISC https://www.tenable.com/security/research/tra-2017-31 The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the filepath parameter for the download-file URL. An unauthenticated remote attacker can use this vulnerability to download arbitrary files.