Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-44077 | 1 Zohocorp | 3 Manageengine Servicedesk Plus, Manageengine Servicedesk Plus Msp, Manageengine Supportcenter Plus | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration. | |||||
| CVE-2021-37415 | 1 Zohocorp | 1 Manageengine Servicedesk Plus | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
| Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication. | |||||
| CVE-2021-44526 | 1 Zohocorp | 1 Manageengine Servicedesk Plus | 2022-07-12 | 6.8 MEDIUM | 9.8 CRITICAL |
| Zoho ManageEngine ServiceDesk Plus before 12003 allows authentication bypass in certain admin configurations. | |||||
| CVE-2019-8395 | 1 Zohocorp | 1 Manageengine Servicedesk Plus | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| An Insecure Direct Object Reference (IDOR) vulnerability exists in Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10007 via an attachment to a request. | |||||