CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2021-31160

HIGH
7.5
CVSS Severity Score
EPSS Score0.1470%
EPSS Percentile24.71th
Published2021年6月29日
Last Modified2025年5月30日

Vulnerability Description

Zoho ManageEngine ServiceDesk Plus MSP before 10521 allows an attacker to access internal data.

Affected Platforms (CPE)

📦
Zohocorp

Manageengine Servicedesk Plus

= 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

< 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5
📦
Zohocorp

Manageengine Servicedesk Plus Msp

= 10.5

References & Advisories

🔗 https://cds.thalesgroup.com/en/tcs-cert/CVE-2021-31160
🔗 https://excellium-services.com/cert-xlm-advisory/cve-2021-31160/
🔗 https://www.manageengine.com/products/service-desk-msp/readme.html#10521
🔗 https://excellium-services.com/cert-xlm-advisory/cve-2021-31160/
🔗 https://www.manageengine.com/products/service-desk-msp/readme.html#10521

相關漏洞威脅

CVE-2021-445269.8

Zoho ManageEngine ServiceDesk Plus before 12003 allows authentication bypass in certain admin configurations.

CVE-2021-315319.8

Zoho ManageEngine ServiceDesk Plus MSP before 10521 is vulnerable to Server-Side Request Forgery (SSRF).

CVE-2019-83959.8

An Insecure Direct Object Reference (IDOR) vulnerability exists in Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 1000...

CVE-2021-374159.8

Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without aut...