Vulnerability Details CVE-2021-41833
Zoho ManageEngine Patch Connect Plus before 90099 is vulnerable to unauthenticated remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.273
EPSS Ranking 96.1%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://pitstop.manageengine.com/portal/en/community/topic/unauthenticated-remote-code-execution-vulnerability-solved
- https://www.manageengine.com/sccm-third-party-patch-management/kb/unauthenticated-remote-code-execution.html
- https://pitstop.manageengine.com/portal/en/community/topic/unauthenticated-remote-code-execution-vulnerability-solved
- https://www.manageengine.com/sccm-third-party-patch-management/kb/unauthenticated-remote-code-execution.html
Products affected by CVE-2021-41833
-
cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:*
-
cpe:2.3:a:zohocorp:manageengine_patch_connect_plus:9.0.0