CVE-2021-44515

NVD Published Date: December 12, 2021 at 05:15 AM
NVD Last Modified: July 12, 2022 at 05:42 PM
Download Patch
Vulnerability ID
CVE-2021-44515
Severity
CRITICAL
Severity Score
9.8
Summary
Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. For Enterprise builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3. For MSP builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For MSP builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3.
Metasploit Payload
-
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE ID
NVD-CWE-noinfo

Recent Publish

CVE-2022-23131

CVE-2021-35587

CVE-2022-20699

CVE-2022-20700

CVE-2022-24112

CVE-2022-24086

See SecOps Solution
in action

Schedule Demo