CVE-2021-44675

2021-12-2014:57:06

mitre

www.cve.org

zoho manageengine

servicedesk plus msp

vulnerability

unauthenticated

remote code execution

AI Score

Confidence

High

EPSS

0.008

Percentile

81.4%

JSON

Zoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 is vulnerable to unauthenticated remote code execution due to a filter bypass in which authentication is not required.

References

pitstop.manageengine.com/portal/en/community/topic/security-advisory-authentication-bypass-vulnerabilities-in-servicedesk-plus-msp-that-could-lead-to-remote-code-execution