Zoho ManageEngine ServiceDesk Plus MSP before 10521 is vulnerable to Server-Side Request Forgery (SSRF).
References
Link | Resource |
---|---|
https://excellium-services.com/cert-xlm-advisory/cve-2021-31531/ | Broken Link |
https://www.manageengine.com/products/service-desk-msp/readme.html#10521 | Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
02 Jul 2021, 19:40
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10515:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10508:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10502:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10506:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10518:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10500:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10511:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:*:*:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10517:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10512:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10513:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10514:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10507:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10503:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10510:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10504:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10520:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10505:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10509:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:*:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10516:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10501:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10519:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CWE | CWE-918 | |
References |
|
|
References | (CONFIRM) https://www.manageengine.com/products/service-desk-msp/readme.html#10521 - Release Notes, Vendor Advisory |
29 Jun 2021, 14:37
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-06-29 14:15
Updated : 2024-02-04 21:47
NVD link : CVE-2021-31531
Mitre link : CVE-2021-31531
CVE.ORG link : CVE-2021-31531
JSON object : View
Products Affected
zohocorp
- manageengine_servicedesk_plus_msp
CWE
CWE-918
Server-Side Request Forgery (SSRF)