CVE-2021-44675

2021-12-2014:57:06

mitre

www.cve.org

10 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.2%

JSON

Zoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 is vulnerable to unauthenticated remote code execution due to a filter bypass in which authentication is not required.

References

pitstop.manageengine.com/portal/en/community/topic/security-advisory-authentication-bypass-vulnerabilities-in-servicedesk-plus-msp-that-could-lead-to-remote-code-execution