Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-44675

Опубликовано: 20 дек. 2021
Источник: nvd
CVSS3: 9.8
CVSS2: 7.5
EPSS Низкий

Описание

Zoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 is vulnerable to unauthenticated remote code execution due to a filter bypass in which authentication is not required.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:*:*:*:*:*:*:*:*
Версия до 10.5 (включая)
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10500:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10501:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10502:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10503:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10504:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10505:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10506:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10507:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10508:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10509:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10510:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10511:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10512:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10513:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10514:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10515:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10516:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10517:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10518:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10519:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10520:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10521:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10522:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10523:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10524:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10525:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10526:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10527:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10528:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10529:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10530:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10531:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10532:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10533:*:*:*:*:*:*

EPSS

Процентиль: 83%
0.01885
Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-287

Связанные уязвимости

github логотип

GHSA-rvg5-hcw7-2823

github
около 4 лет назад

Zoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 is vulnerable to unauthenticated remote code execution due to a filter bypass in which authentication is not required.

EPSS

Процентиль: 83%
0.01885
Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-287