Vulnerability Details CVE-2021-37927
Zoho ManageEngine ADManager Plus version 7110 and prior allows account takeover via SSO.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.8%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://www.manageengine.com
- https://www.manageengine.com/products/ad-manager/release-notes.html#7111
- https://www.manageengine.com/products/self-service-password/release-notes.html#6110
- https://www.manageengine.com
- https://www.manageengine.com/products/ad-manager/release-notes.html#7111
- https://www.manageengine.com/products/self-service-password/release-notes.html#6110
Products affected by CVE-2021-37927
-
cpe:2.3:a:zohocorp:manageengine_admanager_plus:-
-
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.1
-
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.2
-
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.5.7
-
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.6
-
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.6.5
-
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0
-
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1