Vulnerability Details CVE-2021-42847
Zoho ManageEngine ADAudit Plus before 7006 allows attackers to write to, and execute, arbitrary files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.871
EPSS Ranking 99.4%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://packetstormsecurity.com/files/172258/ManageEngine-ADAudit-Plus-Remote-Code-Execution.html
- https://pitstop.manageengine.com/portal/en/community/topic/fix-released-for-a-vulnerability-in-manageengine-adaudit-plus
- http://packetstormsecurity.com/files/172258/ManageEngine-ADAudit-Plus-Remote-Code-Execution.html
- https://pitstop.manageengine.com/portal/en/community/topic/fix-released-for-a-vulnerability-in-manageengine-adaudit-plus
Products affected by CVE-2021-42847
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:-
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:4.1.0
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:4.5.0
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:5.0.0
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:5.1
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0.1
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0