Lucene search
China National Vulnerability DatabaseCNVD-2021-53908HistoryJun 11, 2021 - 12:00 a.m.
ZOHO ManageEngine ServiceDesk Plus Input Validation Error Vulnerability
2021-06-1100:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
security vulnerability
input validation error
zoho manageengine
sdp
arbitrary commands
system privileges
exploitation
EPSS
0.032
Percentile
91.2%
ZOHO ManageEngine ServiceDesk Plus (SDP), an ITIL-based IT service management software from ZOHO, is vulnerable to an input validation error in versions prior to ZOHO ManageEngine ServiceDesk Plus (SDP) 11205, which could be exploited by an attacker to execute arbitrary commands with SYSTEM privileges. The vulnerability can be exploited to execute arbitrary commands using SYSTEM privileges.
Related
cvelist
cvelist
CVE-2021-20081
2021-06-10 11:01:56
cve
cve
CVE-2021-20081
2021-06-10 12:15:07
nvd
nvd
CVE-2021-20081
2021-06-10 12:15:07
checkpoint_advisories
checkpoint_advisories
ManageEngine ServiceDesk Plus Command Injection (CVE-2021-20081)
2021-07-21 00:00:00
prion
prion
Design/Logic Flaw
2021-06-10 12:15:00
nessus
nessus
ManageEngine ServiceDesk Plus < 11.2 Build 11205 RCE
2021-07-02 00:00:00