Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2021-41833
HistoryNov 11, 2021 - 5:15 a.m.

CVE-2021-41833

2021-11-1105:15:09
CWE-434
mitre
web.nvd.nist.gov
37
cve-2021-41833
zoho
manageengine
patch connect plus
remote code execution
vulnerability
unauthenticated

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.005

Percentile

76.5%

JSON

Zoho ManageEngine Patch Connect Plus before 90099 is vulnerable to unauthenticated remote code execution.

Affected configurations

Nvd
Node
zohocorpmanageengine_patch_connect_plusRange<9.0.0
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0-
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90001
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90063
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90064
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90065
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90066
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90067
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90068
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90069
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90070
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90071
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90072
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90073
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90074
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90075
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90076
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90077
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90078
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90079
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90080
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90081
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90082
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90083
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90084
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90085
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90086
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90087
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90088
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90089
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90090
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90091
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90092
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90093
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90094
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90095
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90096
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90097
OR
zohocorpmanageengine_patch_connect_plusMatch9.0.0build90098
VendorProductVersionCPE
zohocorpmanageengine_patch_connect_plus*cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:*:*:*:*:*:*:*:*
zohocorpmanageengine_patch_connect_plus9.0.0cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:-:*:*:*:*:*:*
zohocorpmanageengine_patch_connect_plus9.0.0cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90001:*:*:*:*:*:*
zohocorpmanageengine_patch_connect_plus9.0.0cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90063:*:*:*:*:*:*
zohocorpmanageengine_patch_connect_plus9.0.0cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90064:*:*:*:*:*:*
zohocorpmanageengine_patch_connect_plus9.0.0cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90065:*:*:*:*:*:*
zohocorpmanageengine_patch_connect_plus9.0.0cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90066:*:*:*:*:*:*
zohocorpmanageengine_patch_connect_plus9.0.0cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90067:*:*:*:*:*:*
zohocorpmanageengine_patch_connect_plus9.0.0cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90068:*:*:*:*:*:*
zohocorpmanageengine_patch_connect_plus9.0.0cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0:build90069:*:*:*:*:*:*
Rows per page:
1-10 of 391

Related

prion 1
cvelist 1
nvd 1
prion
prion
Remote code execution
2021-11-11 05:15:00
cvelist
cvelist
CVE-2021-41833
2021-11-11 04:30:52
nvd
nvd
CVE-2021-41833
2021-11-11 05:15:09

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.005

Percentile

76.5%

JSON
Related for CVE-2021-41833
prion1cvelist1nvd1