Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HZohocorp Manageengine Servicedesk Plus
APPZohocorp11.111.211.3< 11.1Zohocorp Manageengine Servicedesk Plus Msp
APPZohocorp10.5< 10.5Zohocorp Manageengine Supportcenter Plus
APPZohocorp11.0< 11.0
CISA KEV — detailsi
- Vendori
- Zoho ↗
- Producti
- ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus
- Added to KEVi
- December 1, 2021
- Remediation deadline (US Federal)i
- December 15, 2021(overdue)
Apply updates per vendor instructions.
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution
Related vulnerabilities
Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code exec...
Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-...
OS Command injection vulnerability in Support Center Plus 11 via Executor in Action when creating new schedule...
Zoho ManageEngine ServiceDesk Plus MSP before 10611, and 13x before 13004, is vulnerable to authentication byp...
In Zoho ManageEngine SupportCenter Plus before 11023, V3 API requests are vulnerable to authentication bypass....