Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2021-44652
HistoryJan 12, 2022 - 3:15 p.m.

CVE-2021-44652

2022-01-1215:15:07
mitre
web.nvd.nist.gov
26
cve-2021-44652
zoho manageengine
o365 manager plus
build 4416
remote code execution
bcp file overwrite
changedbapi
nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

54.3%

JSON

Zoho ManageEngine O365 Manager Plus before Build 4416 allows remote code execution via BCP file overwrite through the ChangeDBAPI component.

Affected configurations

Nvd
Node
zohocorpmanageengine_o365_manager_plusRange<4.4
OR
zohocorpmanageengine_o365_manager_plusMatch4.4-
OR
zohocorpmanageengine_o365_manager_plusMatch4.4build4400
OR
zohocorpmanageengine_o365_manager_plusMatch4.4build4401
OR
zohocorpmanageengine_o365_manager_plusMatch4.4build4402
OR
zohocorpmanageengine_o365_manager_plusMatch4.4build4403
OR
zohocorpmanageengine_o365_manager_plusMatch4.4build4406
OR
zohocorpmanageengine_o365_manager_plusMatch4.4build4407
OR
zohocorpmanageengine_o365_manager_plusMatch4.4build4408
OR
zohocorpmanageengine_o365_manager_plusMatch4.4build4410
OR
zohocorpmanageengine_o365_manager_plusMatch4.4build4411
OR
zohocorpmanageengine_o365_manager_plusMatch4.4build4412
OR
zohocorpmanageengine_o365_manager_plusMatch4.4build4413
OR
zohocorpmanageengine_o365_manager_plusMatch4.4build4414
OR
zohocorpmanageengine_o365_manager_plusMatch4.4build4415
VendorProductVersionCPE
zohocorpmanageengine_o365_manager_plus*cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:*:*:*:*:*:*:*:*
zohocorpmanageengine_o365_manager_plus4.4cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.4:-:*:*:*:*:*:*
zohocorpmanageengine_o365_manager_plus4.4cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.4:build4400:*:*:*:*:*:*
zohocorpmanageengine_o365_manager_plus4.4cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.4:build4401:*:*:*:*:*:*
zohocorpmanageengine_o365_manager_plus4.4cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.4:build4402:*:*:*:*:*:*
zohocorpmanageengine_o365_manager_plus4.4cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.4:build4403:*:*:*:*:*:*
zohocorpmanageengine_o365_manager_plus4.4cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.4:build4406:*:*:*:*:*:*
zohocorpmanageengine_o365_manager_plus4.4cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.4:build4407:*:*:*:*:*:*
zohocorpmanageengine_o365_manager_plus4.4cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.4:build4408:*:*:*:*:*:*
zohocorpmanageengine_o365_manager_plus4.4cpe:2.3:a:zohocorp:manageengine_o365_manager_plus:4.4:build4410:*:*:*:*:*:*
Rows per page:
1-10 of 151

Related

cnvd 1
cvelist 1
nvd 1
prion 1
cnvd
cnvd
Zoho ManageEngine O365 Manager Plus Remote Code Execution Vulnerability
2022-01-16 00:00:00
cvelist
cvelist
CVE-2021-44652
2022-01-12 14:59:37
nvd
nvd
CVE-2021-44652
2022-01-12 15:15:07
prion
prion
Remote code execution
2022-01-12 15:15:00

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

54.3%

JSON
Related for CVE-2021-44652
cnvd1cvelist1nvd1prion1