CyberSec.Space Logo
Back to CVE Browser

CVE-2021-31531

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0710%
EPSS Percentile43.20th
PublishedJun 29, 2021
Last ModifiedMay 30, 2025

Vulnerability Description

Zoho ManageEngine ServiceDesk Plus MSP before 10521 is vulnerable to Server-Side Request Forgery (SSRF).

Affected Platforms (CPE)

πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

< 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
πŸ“¦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5

References & Advisories

πŸ”— https://cds.thalesgroup.com/en/tcs-cert/CVE-2021-31531
πŸ”— https://excellium-services.com/cert-xlm-advisory/cve-2021-31531/
πŸ”— https://www.manageengine.com/products/service-desk-msp/readme.html#10521
πŸ”— https://excellium-services.com/cert-xlm-advisory/cve-2021-31531/
πŸ”— https://www.manageengine.com/products/service-desk-msp/readme.html#10521

Related Vulnerabilities

CVE-2021-440779.8

Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulner...

CVE-2021-446759.8

Zoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 is vulnerable to unauthenticated remote code execution due to a fil...

CVE-2021-311607.5

Zoho ManageEngine ServiceDesk Plus MSP before 10521 allows an attacker to access internal data.

CVE-2021-315307.5

Zoho ManageEngine ServiceDesk Plus MSP before 10522 is vulnerable to Information Disclosure.