CVE-2021-20080
Published: Apr 9, 2021Modified: Nov 21, 2024
6.1
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploitability: 2.8 / Impact: 2.7
Source: NVD
4.3
Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
Exploitability: 8.6 / Impact: 2.9
Source: NVD
Description
Insufficient output sanitization in ManageEngine ServiceDesk Plus before version 11200 and ManageEngine AssetExplorer before version 6800 allows a remote, unauthenticated attacker to conduct persistent cross-site scripting (XSS) attacks by uploading a crafted XML asset file.
Affected (276)
Products: Zohocorp: Manageengine Servicedesk Plus
Configuration A276 vulnerable
| Vulnerable Software | Affected Versions |
|---|---|
| Version 10.0.0 | |
| Version 10.0.0 10000 | |
| Version 10.0.0 10001 | |
| Version 10.0.0 10002 | |
| Version 10.0.0 10003 | |
| Version 10.0.0 10004 | |
| Version 10.0.0 10005 | |
| Version 10.0.0 10006 | |
| Version 10.0.0 10007 | |
| Version 10.0.0 10008 | |
| Version 10.0.0 10009 | |
| Version 10.0.0 10010 | |
| Version 10.0.0 10011 | |
| Version 10.0.0 10012 | |
| Version 10.0.0 10013 | |
| Version 10.0.0 10014 | |
| Version 10.0.0 10015 | |
| Version 10.0.0 10016 | |
| Version 10.0.0 10017 | |
| Version 10.0.0 10018 | |
| Version 10.0.0 10019 | |
| Version 10.0.0 10020 | |
| Version 10.0.0 10021 | |
| Version 10.0 | |
| Version 10.5 | |
| Version 10.5 10500 | |
| Version 10.5 10501 | |
| Version 10.5 10502 | |
| Version 10.5 10503 | |
| Version 10.5 10504 | |
| Version 10.5 10505 | |
| Version 10.5 10506 | |
| Version 10.5 10507 | |
| Version 10.5 10508 | |
| Version 10.5 10509 | |
| Version 10.5 10510 | |
| Version 10.5 10511 | |
| Version 10.5 10512 | |
| Version 10.5 10513 | |
| Version 10.5 10514 | |
| Version 11.0 | |
| Version 11.0 11000 | |
| Version 11.0 11001 | |
| Version 11.0 11002 | |
| Version 11.0 11003 | |
| Version 11.0 11004 | |
| Version 11.0 11005 | |
| Version 11.0 11006 | |
| Version 11.0 11007 | |
| Version 11.0 11008 | |
| Version 11.0 11009 | |
| Version 11.0 11010 | |
| Version 11.1 | |
| Version 11.1 11100 | |
| Version 11.1 11101 | |
| Version 11.1 11102 | |
| Version 11.1 11103 | |
| Version 11.1 11104 | |
| Version 11.1 11105 | |
| Version 11.1 11106 | |
| Version 11.1 11107 | |
| Version 11.1 11108 | |
| Version 11.1 11109 | |
| Version 11.1 11110 | |
| Version 11.1 11111 | |
| Version 11.1 11112 | |
| Version 11.1 11113 | |
| Version 11.1 11114 | |
| Version 11.1 11115 | |
| Version 11.1 11116 | |
| Version 11.1 11117 | |
| Version 11.1 build11118 | |
| Version 11.1 build11119 | |
| Version 8.1 | |
| Version 8.2 | |
| Version 8.2 8201 | |
| Version 8.2 8202 | |
| Version 8.2 8203 | |
| Version 8.2 8204 | |
| Version 8.2 8205 | |
| Version 8.2 8206 | |
| Version 8.2 8207 | |
| Version 8.2 8208 | |
| Version 8.2 8209 | |
| Version 8.2 8210 | |
| Version 8.2 8211 | |
| Version 8.2 8212 | |
| Version 8.2 8213 | |
| Version 8.2 8214 | |
| Version 8.2 8215 | |
| Version 8.2 8216 | |
| Version 8.2 8217 | |
| Version 9.0 | |
| Version 9.0 9000 | |
| Version 9.0 9001 | |
| Version 9.0 9002 | |
| Version 9.0 9003 | |
| Version 9.0 9004 | |
| Version 9.0 9005 | |
| Version 9.0 9006 | |
| Version 9.0 9007 | |
| Version 9.0 9008 | |
| Version 9.0 9009 | |
| Version 9.0 9010 | |
| Version 9.0 9011 | |
| Version 9.0 9012 | |
| Version 9.0 9013 | |
| Version 9.0 9014 | |
| Version 9.0 9016 | |
| Version 9.0 9017 | |
| Version 9.0 9018 | |
| Version 9.0 9019 | |
| Version 9.0 9020 | |
| Version 9.0 9021 | |
| Version 9.0 9022 | |
| Version 9.0 9023 | |
| Version 9.0 9024 | |
| Version 9.0 9025 | |
| Version 9.0 9026 | |
| Version 9.0 9027 | |
| Version 9.0 9028 | |
| Version 9.0 9029 | |
| Version 9.0 9030 | |
| Version 9.0 9031 | |
| Version 9.0 9032 | |
| Version 9.0 9033 | |
| Version 9.0 9034 | |
| Version 9.0 9035 | |
| Version 9.0 9036 | |
| Version 9.0 9037 | |
| Version 9.0 9038 | |
| Version 9.0 9039 | |
| Version 9.0 9040 | |
| Version 9.0 9041 | |
| Version 9.0 9042 | |
| Version 9.0 9043 | |
| Version 9.0 9044 | |
| Version 9.0 9045 | |
| Version 9.0 9046 | |
| Version 9.0 9047 | |
| Version 9.0 9048 | |
| Version 9.0 9049 | |
| Version 9.1 | |
| Version 9.1 9100 | |
| Version 9.1 9101 | |
| Version 9.1 9102 | |
| Version 9.1 9103 | |
| Version 9.1 9104 | |
| Version 9.1 9105 | |
| Version 9.1 9106 | |
| Version 9.1 9107 | |
| Version 9.1 9108 | |
| Version 9.1 9109 | |
| Version 9.1 9110 | |
| Version 9.1 9111 | |
| Version 9.1 9112 | |
| Version 9.1 9113 | |
| Version 9.1 9114 | |
| Version 9.1 9115 | |
| Version 9.1 9116 | |
| Version 9.1 9117 | |
| Version 9.1 9118 | |
| Version 9.1 9119 | |
| Version 9.1 9120 | |
| Version 9.1 9121 | |
| Version 9.2 | |
| Version 9.2 9200 | |
| Version 9.2 9201 | |
| Version 9.2 9202 | |
| Version 9.2 9203 | |
| Version 9.2 9204 | |
| Version 9.2 9205 | |
| Version 9.2 9206 | |
| Version 9.2 9207 | |
| Version 9.2 9208 | |
| Version 9.2 9209 | |
| Version 9.2 9210 | |
| Version 9.2 9211 | |
| Version 9.2 9212 | |
| Version 9.2 9213 | |
| Version 9.2 9214 | |
| Version 9.2 9215 | |
| Version 9.2 9216 | |
| Version 9.2 9217 | |
| Version 9.2 9218 | |
| Version 9.2 9219 | |
| Version 9.2 9220 | |
| Version 9.2 9221 | |
| Version 9.2 9222 | |
| Version 9.2 9223 | |
| Version 9.2 9224 | |
| Version 9.2 9225 | |
| Version 9.2 9226 | |
| Version 9.2 9227 | |
| Version 9.2 9228 | |
| Version 9.2 9229 | |
| Version 9.2 9230 | |
| Version 9.2 9231 | |
| Version 9.2 9232 | |
| Version 9.2 9233 | |
| Version 9.2 9234 | |
| Version 9.2 9235 | |
| Version 9.2 9236 | |
| Version 9.2 9237 | |
| Version 9.2 9238 | |
| Version 9.2 9239 | |
| Version 9.2 9240 | |
| Version 9.2 9241 | |
| Version 9.2 9242 | |
| Version 9.3 | |
| Version 9.3 9300 | |
| Version 9.3 9301 | |
| Version 9.3 9302 | |
| Version 9.3 9303 | |
| Version 9.3 9304 | |
| Version 9.3 9305 | |
| Version 9.3 9306 | |
| Version 9.3 9307 | |
| Version 9.3 9308 | |
| Version 9.3 9309 | |
| Version 9.3 9310 | |
| Version 9.3 9311 | |
| Version 9.3 9312 | |
| Version 9.3 9313 | |
| Version 9.3 9314 | |
| Version 9.3 9315 | |
| Version 9.3 9316 | |
| Version 9.3 9317 | |
| Version 9.3 9318 | |
| Version 9.3 9319 | |
| Version 9.3 9320 | |
| Version 9.3 9321 | |
| Version 9.3 9322 | |
| Version 9.3 9323 | |
| Version 9.3 9324 | |
| Version 9.3 9325 | |
| Version 9.3 9326 | |
| Version 9.3 9327 | |
| Version 9.3 9328 | |
| Version 9.3 9329 | |
| Version 9.3 9330 | |
| Version 9.3 9331 | |
| Version 9.3 9332 | |
| Version 9.3 9333 | |
| Version 9.3 9334 | |
| Version 9.3 9335 | |
| Version 9.3 9336 | |
| Version 9.4 | |
| Version 9.4 9400 | |
| Version 9.4 9401 | |
| Version 9.4 9402 | |
| Version 9.4 9403 | |
| Version 9.4 9404 | |
| Version 9.4 9405 | |
| Version 9.4 9406 | |
| Version 9.4 9407 | |
| Version 9.4 9408 | |
| Version 9.4 9409 | |
| Version 9.4 9410 | |
| Version 9.4 9411 | |
| Version 9.4 9412 | |
| Version 9.4 9413 | |
| Version 9.4 9414 | |
| Version 9.4 9415 | |
| Version 9.4 9416 | |
| Version 9.4 9417 | |
| Version 9.4 9418 | |
| Version 9.4 9419 | |
| Version 9.4 9420 | |
| Version 9.4 9421 | |
| Version 9.4 9422 | |
| Version 9.4 9423 | |
| Version 9.4 9424 | |
| Version 9.4 9425 | |
| Version 9.4 9426 | |
| Version 9.4 9427 |
References (2)
Source: vulnreport@tenable.com
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Timeline
No history available yet.