Lucene search

[email protected]CVE-2021-42099

HistoryNov 30, 2021 - 7:15 p.m.

CVE-2021-42099

2021-11-3019:15:09

CWE-434

[email protected]

web.nvd.nist.gov

zoho

manageengine

m365 manager plus

4421

file-upload

remote code execution

cve-2021-42099

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.8%

JSON

Zoho ManageEngine M365 Manager Plus before 4421 is vulnerable to file-upload remote code execution.

Affected configurations

NVD

Node

zohocorpmanageengine_m365_manager_plusMatch-

zohocorpmanageengine_m365_manager_plusMatchbuild_4000

zohocorpmanageengine_m365_manager_plusMatchbuild_4001

zohocorpmanageengine_m365_manager_plusMatchbuild_4002

zohocorpmanageengine_m365_manager_plusMatchbuild_4003

zohocorpmanageengine_m365_manager_plusMatchbuild_4004

zohocorpmanageengine_m365_manager_plusMatchbuild_4005

zohocorpmanageengine_m365_manager_plusMatchbuild_4007

zohocorpmanageengine_m365_manager_plusMatchbuild_4008

zohocorpmanageengine_m365_manager_plusMatchbuild_4009

zohocorpmanageengine_m365_manager_plusMatchbuild_4010

zohocorpmanageengine_m365_manager_plusMatchbuild_4011

zohocorpmanageengine_m365_manager_plusMatchbuild_4012

zohocorpmanageengine_m365_manager_plusMatchbuild_4013

zohocorpmanageengine_m365_manager_plusMatchbuild_4014

zohocorpmanageengine_m365_manager_plusMatchbuild_4100

zohocorpmanageengine_m365_manager_plusMatchbuild_4101

zohocorpmanageengine_m365_manager_plusMatchbuild_4102

zohocorpmanageengine_m365_manager_plusMatchbuild_4103

zohocorpmanageengine_m365_manager_plusMatchbuild_4104

zohocorpmanageengine_m365_manager_plusMatchbuild_4105

zohocorpmanageengine_m365_manager_plusMatchbuild_4106

zohocorpmanageengine_m365_manager_plusMatchbuild_4108

zohocorpmanageengine_m365_manager_plusMatchbuild_4109

zohocorpmanageengine_m365_manager_plusMatchbuild_4110

zohocorpmanageengine_m365_manager_plusMatchbuild_4111

zohocorpmanageengine_m365_manager_plusMatchbuild_4112

zohocorpmanageengine_m365_manager_plusMatchbuild_4113

zohocorpmanageengine_m365_manager_plusMatchbuild_4115

zohocorpmanageengine_m365_manager_plusMatchbuild_4116

zohocorpmanageengine_m365_manager_plusMatchbuild_4117

zohocorpmanageengine_m365_manager_plusMatchbuild_4118

zohocorpmanageengine_m365_manager_plusMatchbuild_4119

zohocorpmanageengine_m365_manager_plusMatchbuild_4200

zohocorpmanageengine_m365_manager_plusMatchbuild_4201

zohocorpmanageengine_m365_manager_plusMatchbuild_4202

zohocorpmanageengine_m365_manager_plusMatchbuild_4203

zohocorpmanageengine_m365_manager_plusMatchbuild_4204

zohocorpmanageengine_m365_manager_plusMatchbuild_4205

zohocorpmanageengine_m365_manager_plusMatchbuild_4206

zohocorpmanageengine_m365_manager_plusMatchbuild_4207

zohocorpmanageengine_m365_manager_plusMatchbuild_4208

zohocorpmanageengine_m365_manager_plusMatchbuild_4209

zohocorpmanageengine_m365_manager_plusMatchbuild_4210

zohocorpmanageengine_m365_manager_plusMatchbuild_4211

zohocorpmanageengine_m365_manager_plusMatchbuild_4212

zohocorpmanageengine_m365_manager_plusMatchbuild_4213

zohocorpmanageengine_m365_manager_plusMatchbuild_4214

zohocorpmanageengine_m365_manager_plusMatchbuild_4215

zohocorpmanageengine_m365_manager_plusMatchbuild_4216

zohocorpmanageengine_m365_manager_plusMatchbuild_4217

zohocorpmanageengine_m365_manager_plusMatchbuild_4218

zohocorpmanageengine_m365_manager_plusMatchbuild_4219

zohocorpmanageengine_m365_manager_plusMatchbuild_4220

zohocorpmanageengine_m365_manager_plusMatchbuild_4221

zohocorpmanageengine_m365_manager_plusMatchbuild_4222

zohocorpmanageengine_m365_manager_plusMatchbuild_4300

zohocorpmanageengine_m365_manager_plusMatchbuild_4301

zohocorpmanageengine_m365_manager_plusMatchbuild_4302

zohocorpmanageengine_m365_manager_plusMatchbuild_4303

zohocorpmanageengine_m365_manager_plusMatchbuild_4304

zohocorpmanageengine_m365_manager_plusMatchbuild_4305

zohocorpmanageengine_m365_manager_plusMatchbuild_4306

zohocorpmanageengine_m365_manager_plusMatchbuild_4308

zohocorpmanageengine_m365_manager_plusMatchbuild_4309

zohocorpmanageengine_m365_manager_plusMatchbuild_4310

zohocorpmanageengine_m365_manager_plusMatchbuild_4311

zohocorpmanageengine_m365_manager_plusMatchbuild_4312

zohocorpmanageengine_m365_manager_plusMatchbuild_4316

zohocorpmanageengine_m365_manager_plusMatchbuild_4317

zohocorpmanageengine_m365_manager_plusMatchbuild_4318

zohocorpmanageengine_m365_manager_plusMatchbuild_4319

zohocorpmanageengine_m365_manager_plusMatchbuild_4320

zohocorpmanageengine_m365_manager_plusMatchbuild_4321

zohocorpmanageengine_m365_manager_plusMatchbuild_4322

zohocorpmanageengine_m365_manager_plusMatchbuild_4324

zohocorpmanageengine_m365_manager_plusMatchbuild_4325

zohocorpmanageengine_m365_manager_plusMatchbuild_4327

zohocorpmanageengine_m365_manager_plusMatchbuild_4328

zohocorpmanageengine_m365_manager_plusMatchbuild_4329

zohocorpmanageengine_m365_manager_plusMatchbuild_4330

zohocorpmanageengine_m365_manager_plusMatchbuild_4331

zohocorpmanageengine_m365_manager_plusMatchbuild_4332

zohocorpmanageengine_m365_manager_plusMatchbuild_4333

zohocorpmanageengine_m365_manager_plusMatchbuild_4334

zohocorpmanageengine_m365_manager_plusMatchbuild_4335

zohocorpmanageengine_m365_manager_plusMatchbuild_4336

zohocorpmanageengine_m365_manager_plusMatchbuild_4400

zohocorpmanageengine_m365_manager_plusMatchbuild_4401

zohocorpmanageengine_m365_manager_plusMatchbuild_4402

zohocorpmanageengine_m365_manager_plusMatchbuild_4403

zohocorpmanageengine_m365_manager_plusMatchbuild_4406

zohocorpmanageengine_m365_manager_plusMatchbuild_4407

zohocorpmanageengine_m365_manager_plusMatchbuild_4408

zohocorpmanageengine_m365_manager_plusMatchbuild_4410

zohocorpmanageengine_m365_manager_plusMatchbuild_4411

zohocorpmanageengine_m365_manager_plusMatchbuild_4412

zohocorpmanageengine_m365_manager_plusMatchbuild_4413

zohocorpmanageengine_m365_manager_plusMatchbuild_4414

zohocorpmanageengine_m365_manager_plusMatchbuild_4415

zohocorpmanageengine_m365_manager_plusMatchbuild_4416

zohocorpmanageengine_m365_manager_plusMatchbuild_4417

zohocorpmanageengine_m365_manager_plusMatchbuild_4418

zohocorpmanageengine_m365_manager_plusMatchbuild_4419

CPENameOperatorVersion
zohocorp:manageengine_m365_manager_pluszohocorp manageengine m365 manager pluseq-
zohocorp:manageengine_m365_manager_pluszohocorp manageengine m365 manager pluseqbuild_4000
zohocorp:manageengine_m365_manager_pluszohocorp manageengine m365 manager pluseqbuild_4001
zohocorp:manageengine_m365_manager_pluszohocorp manageengine m365 manager pluseqbuild_4002
zohocorp:manageengine_m365_manager_pluszohocorp manageengine m365 manager pluseqbuild_4003
zohocorp:manageengine_m365_manager_pluszohocorp manageengine m365 manager pluseqbuild_4004
zohocorp:manageengine_m365_manager_pluszohocorp manageengine m365 manager pluseqbuild_4005
zohocorp:manageengine_m365_manager_pluszohocorp manageengine m365 manager pluseqbuild_4007
zohocorp:manageengine_m365_manager_pluszohocorp manageengine m365 manager pluseqbuild_4008
zohocorp:manageengine_m365_manager_pluszohocorp manageengine m365 manager pluseqbuild_4009

CPE	Name	Operator	Version
zohocorp:manageengine_m365_manager_plus	zohocorp manageengine m365 manager plus	eq	-
zohocorp:manageengine_m365_manager_plus	zohocorp manageengine m365 manager plus	eq	build_4000
zohocorp:manageengine_m365_manager_plus	zohocorp manageengine m365 manager plus	eq	build_4001
zohocorp:manageengine_m365_manager_plus	zohocorp manageengine m365 manager plus	eq	build_4002
zohocorp:manageengine_m365_manager_plus	zohocorp manageengine m365 manager plus	eq	build_4003
zohocorp:manageengine_m365_manager_plus	zohocorp manageengine m365 manager plus	eq	build_4004
zohocorp:manageengine_m365_manager_plus	zohocorp manageengine m365 manager plus	eq	build_4005
zohocorp:manageengine_m365_manager_plus	zohocorp manageengine m365 manager plus	eq	build_4007
zohocorp:manageengine_m365_manager_plus	zohocorp manageengine m365 manager plus	eq	build_4008
zohocorp:manageengine_m365_manager_plus	zohocorp manageengine m365 manager plus	eq	build_4009

Rows per page:

1-10 of 1041

References

www.manageengine.com

www.manageengine.com/microsoft-365-management-reporting/release-notes.html#4421

Social References

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.8%

JSON

Related for CVE-2021-42099

cnvd1 prion1 nvd1 cvelist1