Lucene search
+L

5 matches found

hivepro
hivepro
added 2022/01/19 1:49 p.m.41 views

Zoho ManageEngine Desktop Central affected by critical vulnerability

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Zoho has patched a critical vulnerability CVE-2021-44757 in Desktop Central and Desktop Central MSP which are unified endpoint management UEM solutions. A security vulnerability exists in the Desktop Central and Desktop...

6.4CVSS0.1AI score0.24195EPSS
Exploits0
CISA
CISA
added 2022/01/19 12:0 a.m.39 views

Zoho Releases Security Advisory for ManageEngine Desktop Central and Desktop Central MSP

Zoho has released a security advisory to address an authentication bypass vulnerability CVE-2021-44757 in ManageEngine Desktop Central and Desktop Central MSP. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review th...

6.4CVSS2.7AI score0.24195EPSS
Exploits0References3
CVE
CVE
added 2022/01/18 9:21 a.m.129 views

CVE-2021-44757

CVE-2021-44757 affects Zoho ManageEngine Desktop Central and Desktop Central MSP prior to 10.1.2137.9. The vulnerability enables authentication bypass, allowing an attacker to read sensitive data or upload an arbitrary ZIP file to the server due to improper authentication checks. Remediation is t...

9.1CVSS9AI score0.24195EPSS
Exploits0References1Affected Software2
The Hacker News
The Hacker News
added 2022/01/18 5:13 a.m.142 views

Zoho Releases Patch for Critical Flaw Affecting ManageEngine Desktop Central

Enterprise software maker Zoho on Monday issued patches for a critical security vulnerability in Desktop Central and Desktop Central MSP that a remote adversary could exploit to perform unauthorized actions in affected servers. Tracked as CVE-2021-44757, the shortcoming concerns an instance of...

10CVSS2.2AI score0.99867EPSS
Exploits16
Tenable Nessus
Tenable Nessus
added 2022/01/18 12:0 a.m.111 views

ManageEngine Desktop Central < 10.1.2137.9 Authentication Bypass (CVE-2021-44757)

The ManageEngine Desktop Central application running on the remote host is affected by an authentication bypass vulnerability which allows an adversary to bypass authentication and read unauthorized data or write an arbitrary zip file on the Desktop Central server. Note that Nessus has not tested...

9.1CVSS8.8AI score0.24195EPSS
Exploits0References3
Rows per page
Query Builder