Vulnerability Details CVE-2021-42955
Zoho Remote Access Plus Server Windows Desktop binary fixed in version 10.1.2132 is affected by an unauthorized password reset vulnerability. Because of the designed password reset mechanism, any non-admin Windows user can reset the password of the Remote Access Plus Server Admin account.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.4%
CVSS Severity
CVSS v3 Score 7.3
CVSS v2 Score 7.2
References
Products affected by CVE-2021-42955
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:-
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.252
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.253
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.254
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.255
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.256
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.257
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.258
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.259
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.415
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.416
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.421
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.422
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.428
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.430
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.431
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.432
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.433
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.434
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.435
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.436
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.440
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.447
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.448
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.450
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.451
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.452
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.453
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.454
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.465
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.466
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.468
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.469
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.472
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.473
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.0.476
-
cpe:2.3:a:zohocorp:manageengine_remote_access_plus:10.1.2119.1
-
cpe:2.3:o:microsoft:windows:-