Lucene search
HistoryJun 16, 2021 - 1:15 p.m.
CVE-2021-31159
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.065 Low
EPSS
Percentile
93.8%
Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732.
Affected configurations
Node
zohocorpmanageengine_servicedesk_plus_mspRange8.0–9.4
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.510500
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.510501
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.510502
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.510503
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.510504
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.510505
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.510506
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.510507
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.510508
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.510509
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.510510
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.510511
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.510512
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.510513
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.510514
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.510515
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.510516
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.510517
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.510518
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58000
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58001
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58002
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58003
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58004
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58100
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58101
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58102
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58103
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58104
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58105
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58200
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58201
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58202
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58203
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58204
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58205
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58206
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58207
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58208
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58209
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58210
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58211
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58300
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58301
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58302
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58303
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58304
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58305
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58306
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58307
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58308
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58309
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58310
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58311
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.58312
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59000
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59001
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59002
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59003
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59004
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59005
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59006
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59007
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59008
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59009
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59201
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59203
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59204
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59205
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59206
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59207
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59208
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59209
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59210
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59300
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59301
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59302
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59303
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59304
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59305
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59306
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59307
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59308
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59400
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59401
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59402
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59403
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59404
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59405
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59406
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59407
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59408
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59409
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59410
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59411
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59412
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59413
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59414
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59415
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59416
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59417
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59418
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59419
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59420
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59421
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59422
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59423
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59424
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59425
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59426
ORzohocorpmanageengine_servicedesk_plus_mspMatch10.59427
Related
zdt
zdt
Zoho ManageEngine ServiceDesk Plus MSP 9.4 - User Enumeration Exploit
2021-06-17 00:00:00
prion
prion
Default credentials
2021-06-16 13:15:00
cvelist
cvelist
CVE-2021-31159
2021-06-16 12:51:13
packetstorm
packetstorm
Zoho ManageEngine ServiceDesk Plus 9.4 User Enumeration
2021-06-17 00:00:00
cve
cve
CVE-2021-31159
2021-06-16 13:15:11
githubexploit
githubexploit
exploitdb
exploitdb
Zoho ManageEngine ServiceDesk Plus MSP 9.4 - User Enumeration
2021-06-17 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.065 Low
EPSS
Percentile
93.8%
Related for NVD:CVE-2021-31159