CVE-2021-37415
CRITICAL
9,8
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
HIGH
7,5
Source: [email protected]
Access Vector: network
Access Complexity: low
Authentication: none
Confidentiality: partial
Integrity: partial
Availability: partial
Description
AI Translation Available
Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,9165
Percentile
1,0th
Updated
EPSS Score Trend (Last 90 Days)
306
Missing Authentication for Critical Function
DraftCommon Consequences
Security Scopes Affected:
Access Control
Other
Potential Impacts:
Gain Privileges Or Assume Identity
Varies By Context
Applicable Platforms
Technologies:
Cloud Computing, ICS/OT
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.0:11009:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11102:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11104:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11123:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11138:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11105:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.3:11300:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11113:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11144:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11142:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11103:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11135:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11143:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11120:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11115:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:-:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.0:11008:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11116:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11128:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11101:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11139:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11141:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11121:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11107:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11133:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.2:11204:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11100:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11112:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11131:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.2:11203:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11136:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.0:11007:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11134:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11126:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11110:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.2:11205:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.3:-:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.2:11200:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11137:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11118:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11119:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11114:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11125:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11130:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11111:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11124:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.2:11206:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11122:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11129:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.0:11005:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11140:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11106:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.2:11201:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11132:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11127:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.0:11006:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.0:11011:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.3:11301:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11108:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.2:11202:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.0:11010:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11117:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.2:-:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.2:11207:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Manageengine Servicedesk Plus by Zohocorp
CPE Identifier
View Detailed Analysis
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11109:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021…
https://www.manageengine.com
https://www.manageengine.com/products/service-desk/on-premises/readme.html#11302
https://www.manageengine.com
https://www.manageengine.com/products/service-desk/on-premises/readme.html#11302