Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-11-29T03:17:45

Updated: 2024-08-04T04:10:17.351Z

Reserved: 2021-11-20T00:00:00

Link: CVE-2021-44077

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-11-29T04:15:06.737

Modified: 2024-11-21T06:30:19.610

Link: CVE-2021-44077

cve-icon Redhat

No data.