Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-11-29T03:17:45
Updated: 2024-08-04T04:10:17.351Z
Reserved: 2021-11-20T00:00:00
Link: CVE-2021-44077
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-11-29T04:15:06.737
Modified: 2024-11-21T06:30:19.610
Link: CVE-2021-44077
Redhat
No data.